Netstress DoS/DDoS saldırıları gerçekleştirerek Firewall/IPS/DDoS sistemlerini test etme amacıyla geliştirilmiş bir yazılımdır. Piyasada bulunan Firewall/IPS ve DDoS egelleme sistemlerinin çoğunda tasarımsal ve yazılımsal hatalar vardır.
Netstress barındırdığı 100′e yakın test seçeneğiyle güvenlik cihazlarındaki bu tasarımsal, yazılımsal hataların çoğunu gerçek ortamlarda test etme imkanı sağlamaktadır.
Netstress neden geliştirilmiştir?
Bilgi güvenliği akademisi bünyesinde verilen DDoS Saldırıları ve Korunma Yolları Eğitiminde katılımcıların DDoS saldırılarını daha iyi anlayabilmeleri amacıyla gerçek ortamlara yakın test senaryolarını gerçekleştirmek ve verilen DDoS test hizmetlerini daha kaliteli yapabilmek amacıyla geliştirilmiştir.
Netstress Linux sistemler üzerinde çalışmaktadır ve donanıma bağlı olarak kapasitesi değişmektedir. Netstress 4 CPU’lu bir sistemde 5.000.000 SYN paketi(diğer TCP/UDP paketleri de aynı sayıda), 3,5 Gb trafik oluşturabilmektedir.
Netstress v1.0′da bulunan özellikler
Syn Flood Attacks
- SYNFlood with static source port
- SYNFlood with random source port
- SYNFlood with static source ip address
- SYNFlood with random source address
- SynFlood with fragmented packets
- ACK Flood with static source port
- ACK Flood with random source port
- ACK Flood with static source ip address
- ACK Flood with random source address
- ACK Flood with fragmented packets
- FIN Flood with static source port
- FIN Flood with random source port
- FIN Flood with static source ip address
- FIN Flood with random source address
- FIN Flood with fragmented packets
- Static source port udp flood
- UDP flood with random source port
- UDP Flood with static source ip address
- UDP Flood with random source address
- UDP Flood with fragmented packets
- ICMP Flood with all options random(source ip, icmp type, code)
- Stateless GET Flood
- Stateless POST Flood
- GET Flood with spoofed headers
- POST Flood with spoofed headers
- SYN+UDP+GET Flood
- ICMP+UDP
- UDP+PUSH Flood
- UDP+ICMP Flood
- DNS flood with static source ip address
- DNS flood with static sppofed ip address
- DNS flood with random ip address
- Root zone amplified DNS DoS
- Spoof well known botnet’s floodings features
- Send packets from a subnet like 88.x.x.x.
- Rate limiting features test
- Statefull packet inspection tests
- Send packets with all known country ip blocks
- Teardrops attacks
- Ping of death
- Smurf
- Reflected ICMP and UDP attacks
- Stacheldraht tool
- Trinoo
- TFN
Eklenecek Özellikler
- SMTP Flooding
- Mail bombing
- Application/OS spesific DoS attacks
- Bind DoS
- Apache DoS
- Juniper
- OpenBSD
- Cisco ASA
- Microsoft Windows
About the author /
Mustafa Kaya
The first stop for security news | Threatpost
- Unique Malspam Campaign Uses MS Publisher to Drop a RAT on Banks 17 Ağustos 2018A new email campaign includes a Microsoft Office Publisher file with malicious URLs leading to the FlawedAmmyy RAT.
- Severe PHP Exploit Threatens WordPress Sites with Remote Code Execution 17 Ağustos 2018The issue impacts several content management systems, including Typo3 and WordPress, as well as widely-used PDF generation library TCPDF.
- AT&T Faces $224M Legal Challenge Over SIM-Jacking Rings 17 Ağustos 2018Cryptocurrency angel investor Michael Terpin seeks damages for "gross negligence" by the carrier, alleging it turned a blind eye to store employees' malicious activities.
- ATM Heists Only Set to Accelerate After $13M Break-In 17 Ağustos 2018The Cosmos Bank incident is only the latest, not the last, thanks to lagging security practices.
- ‘China’s MIT’ Linked to Espionage Campaign Against Alaska, Economic Partners 16 Ağustos 2018The targets were scanned millions of times, and are all in some way linked to China's ongoing economic development activities, according to Recorded Future.
- Google Expands Bug-Bounty Program to Battle Abuse Methods 16 Ağustos 2018The program focuses on potential abuse methods across Google's product-specific channels like Google+, Youtube, Gmail and Blogger.
Leave a reply