Project

General

Profile

Actions

Support #1992

closed

Testing DDOS attack

Added by Rahul Surya over 7 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Affected Versions:
Label:

Description

Actually we are adding a local rule for ddos attack,
Like this
drop tcp any any -> any any (flags: S; msg:"Possible TCP DoS"; flow: stateless; threshold: type both, track by_dst, count 70, seconds 10; sid:10001;rev:1)
after that i am sending DDOS traffic through hping using "hping3 -S -p 80 --flood --rand-source 47.47.47.2" and within less than 10 seconds i am getting this rule in fastlog and traffic is getting dropped ,but after if i made pinging(nomal traffic) to the same interface and no rule is exist ,its not pinging.So can we tell how to test DDOS and DOS traffic and rule needed to be added.

Actions

Also available in: Atom PDF