How we did it
We set up a Gigabit Ethernet attack network with two servers, each a 900-MHz Pentium III with 128M bytes of RAM, one acting as the attacker and the other as the server. TrafficMaster Inspector sat between these two machines, monitoring and capturing all network traffic.
We launched a variety of distributed denial-of-service attacks using various tools and packet generators available at the Packetstorm Web site. Attacks included ping floods, ACK attacks, random ICMP floods, random IP floods and TCP reset floods. The ping flood attack sent a large number of Internet Control Message Protocol (ICMP) packets. The ACK attack sent a large number of TCP packets with the ACK flag set. The random ICMP floods sent a large number of ICMP packets with fields such as IP address and time to live randomized. The random IP floods sent a large number of randomized packets, and the TCP reset floods sent a large number of TCP packets with the reset flag set. With each attack, approximately 50,000 to 60,000 packets per second were sent across the network.
We also used a traffic generator (Traffic Source) to generate several hundred megabits of traffic, simulating a sudden increase in legitimate traffic, to see if Inspector flagged it as suspicious. This traffic included HTTP, FTP, SMTP and general broadcast traffic.
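To make the traffic profiles above concrete from the monitoring side, here is an added example (not part of the original review and not how Inspector works internally) that labels a capture window by packet rate, dominant packet kind and source/TTL diversity. The thresholds, record layout and sample windows are assumptions constructed for illustration.

```python
from collections import Counter

PPS_ALERT = 40_000  # assumed threshold, below the 50,000-60,000 pps used in the test
DOMINANT = 0.9      # assumed share of one packet kind that marks a single-type flood
SPOOFED = 0.5       # assumed distinct-source/packet ratio that marks randomized senders

def kind(pkt):
    """Map a (proto, tcp_flags, src, ttl) record to a coarse packet kind."""
    proto, flags, _src, _ttl = pkt
    if proto == "icmp":
        return "icmp"
    if proto == "tcp" and "R" in flags:
        return "tcp-rst"
    if proto == "tcp" and flags == "A":  # bare ACK: no SYN, PSH or FIN
        return "tcp-ack"
    return "other"

def classify_window(packets, seconds):
    """Label one capture window; returns (label, packets_per_second)."""
    pps = len(packets) / seconds
    if pps < PPS_ALERT:
        return "normal", pps
    top, count = Counter(kind(p) for p in packets).most_common(1)[0]
    sources = {p[2] for p in packets}
    ttls = {p[3] for p in packets}
    randomized = len(sources) / len(packets) > SPOOFED and len(ttls) > 8
    if top == "other" or count / len(packets) < DOMINANT:
        # No single packet kind dominates: spoofed noise or a legitimate surge.
        return ("random IP flood" if randomized else "high-volume mixed traffic"), pps
    labels = {"icmp": "random ICMP flood" if randomized else "ping flood",
              "tcp-ack": "ACK flood", "tcp-rst": "TCP reset flood"}
    return labels[top], pps

# Constructed 0.5-second windows at 55,000 pps (sample data, not captured traffic).
N, WINDOW = 27_500, 0.5
def spoofed(i):
    return f"10.{i >> 8 & 255}.{i & 255}.{i % 7}"
ping = [("icmp", "", "192.0.2.10", 64)] * N
rand_icmp = [("icmp", "", spoofed(i), 1 + i % 200) for i in range(N)]
rand_ip = [(("tcp", "udp", "icmp")[i % 3], "", spoofed(i), 1 + i % 200) for i in range(N)]
ack = [("tcp", "A", "192.0.2.10", 64)] * N
rst = [("tcp", "R", "192.0.2.10", 64)] * N
mix = ["S", "SA", "A", "PA", "PA", "FA"]
surge = [("tcp", mix[i % 6], f"198.51.100.{i % 200}", 64) for i in range(N)]

if __name__ == "__main__":
    for name in ("ping", "rand_icmp", "rand_ip", "ack", "rst", "surge"):
        print(name, classify_window(globals()[name], WINDOW))
```

The surge window runs at the same packet rate as the floods but mixes SYN, data and FIN segments from a bounded set of sources, so it is reported as high-volume mixed traffic rather than as an attack.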
Andress is president of ArcSec Technologies, a security consultancy. Her new book, Surviving Security, was recently published. She can be reached at mandy@arcsec.com.
RELATED LINKS
McAfee to fight DoS with Asta, Mazu and Arbor
McAfee announced it is teaming with anti-denial-of-service companies Mazu Networks, Asta Networks and Arbor Networks to develop a method of stopping DoS attacks.
IDG News Service, 08/20/01.
Start-up Mazu unveils device to stop DDoS attacks
The product is the TrafficMaster line of anti-distributed denial of service devices, a series of 1U (1.75-inch) tall devices that are installed as deep into a network as possible.
IDG News Service, 06/25/01.
Start-ups vie to defeat DoS attacks
Nobody's claiming it's easy to prevent and stop denial-of-service attacks, but three security start-ups are vying to prove that they can minimize the threat.
Network World, 02/05/01.
