Friday, August 21, 2020

Vulcan DoS Vs Akamai

In the past I had to do several DoS security audits, with mĂșltiples types of tests and intensities. Sometimes several DDoS protections were present like Akamai for static content, and Arbor for absorb part of the bandwith.

One consideration for the DoS/DDoS tools is that probably it will loss the control of the attacker host, and the tool at least has to be able to stop automatically with a timeout, but can also implement remote response checks.

In order to size the minimum mbps needed to flood a service or to retard the response in a significant amount of time, the attacker hosts need a bandwith limiter, that increments in a logarithmic way up to a limit agreed with the customer/isp/cpd.

There are DoS tools that doesn't have this timeouts, and bandwith limit based on mbps, for that reason I have to implement a LD_PRELOAD based solution: bwcontrol

Although there are several good tools for stressing web servers and web aplications like apache ab, or other common tools used for pen-testing, but I also wrote a fast web flooder in c++ named wflood.

As expected the most effective for taking down the web server are the slow-loris, slow-read and derivatives, few host were needed to DoS an online banking. 
Remote attacks to database and highly dynamic web content were discarded, that could be impacted for sure.

I did another tool in c++ for crafting massive tcp/udp/ip malformed packets, that impacted sometimes on load balancers and firewalls, it was vulcan, it freezed even the firewall client software.

The funny thing was that the common attacks against Akamai hosts, where ineffective, and so does the slow-loris family of attacks, because are common, and the Akamai nginx webservers are well tunned. But when tried vulcan, few intensity was enough to crash Akamai hosts.

Another attack vector for static sites was trying to locate the IP of the customer instead of Akamai, if the customer doesn't use the Akamai Shadow service, it's possible to perform a HTTP Host header scan, and direct the attack to that host bypassing Akamai.

And what about Arbor protection? is good for reducing the flood but there are other kind of attacks, and this protection use to be disabled by default and in local holidays can be a mess.

Related news

  1. Hacker Tools Online
  2. Pentest Tools Find Subdomains
  3. Hacker Security Tools
  4. Pentest Tools Nmap
  5. New Hacker Tools
  6. Hacker Tools For Pc
  7. Hacker Tools Linux
  8. Pentest Tools For Android
  9. Pentest Tools For Android
  10. Hack Tools 2019
  11. Hacker Tools Free
  12. Hacker Tools For Pc
  13. Hack App
  14. Growth Hacker Tools
  15. Computer Hacker
  16. Pentest Tools
  17. Pentest Reporting Tools
  18. Hacking Tools For Windows 7
  19. Best Hacking Tools 2019
  20. Pentest Tools For Windows
  21. Hacker Tools Windows
  22. How To Hack
  23. Hacking Apps
  24. Beginner Hacker Tools
  25. Hacking Tools
  26. Hacker Hardware Tools
  27. Best Pentesting Tools 2018
  28. Hacker Tools 2020
  29. Hack Tools Online
  30. Hack Apps
  31. Hacking Tools For Kali Linux
  32. Hacking Tools For Kali Linux
  33. Pentest Tools Port Scanner
  34. Hacker Tools 2019
  35. Pentest Tools Alternative
  36. Hack Tools
  37. Github Hacking Tools
  38. Hacking Tools 2020
  39. What Are Hacking Tools
  40. Hacker Tools 2019
  41. Hack Tools Mac
  42. Hack Tools For Ubuntu
  43. Pentest Tools Framework
  44. Hacker
  45. Pentest Tools Framework
  46. Hak5 Tools
  47. Hacking Tools Download
  48. Pentest Tools For Android
  49. Top Pentest Tools
  50. Pentest Tools Port Scanner
  51. Hack Tools 2019
  52. Hacking Tools Windows
  53. Top Pentest Tools
  54. Android Hack Tools Github
  55. Hacking Tools Software
  56. Pentest Tools Url Fuzzer
  57. Hacking Tools Windows 10
  58. Hack Tools Mac
  59. Growth Hacker Tools
  60. Growth Hacker Tools
  61. Pentest Box Tools Download
  62. Hacking Tools Mac
  63. Tools Used For Hacking
  64. Hacking Tools For Windows
  65. Hacker Tools Software
  66. Tools Used For Hacking
  67. Bluetooth Hacking Tools Kali
  68. Hacking Tools For Windows Free Download
  69. Hacking Tools For Pc
  70. Pentest Tools Free
  71. Pentest Tools For Windows
  72. Hacker Tools Apk
  73. Hacker Hardware Tools
  74. Hacking Tools Download
  75. Pentest Tools Open Source
  76. Pentest Tools Subdomain
  77. Hacker Tools 2020
  78. Hacker Tool Kit
  79. Pentest Tools Linux
  80. Top Pentest Tools
  81. Hacking Tools For Pc
  82. Hacker Tool Kit
  83. Hack Tools For Ubuntu
  84. Computer Hacker
  85. New Hacker Tools
  86. Hack Tools For Mac
  87. Nsa Hack Tools
  88. Pentest Tools Subdomain
  89. Pentest Tools
  90. Pentest Tools Find Subdomains
  91. Hacker Tools Apk
  92. Hack Tools Online
  93. Hack Tools For Pc
  94. Hacking App
  95. Pentest Tools List
  96. Hack Tools For Pc
  97. Pentest Tools Windows
  98. Termux Hacking Tools 2019
  99. Top Pentest Tools
  100. Nsa Hack Tools
  101. Hacking Apps
  102. Pentest Tools Alternative
  103. Pentest Tools Review
  104. Hacking App
  105. Hacker Tools List
  106. Hacker Tools Online
  107. Hack Tools Download
  108. Hacker Tools Linux
  109. Hacking Tools For Games
  110. Hacking Tools Windows
  111. Hacker Tools Hardware
  112. Pentest Tools Find Subdomains
  113. Pentest Reporting Tools
  114. Pentest Tools Open Source
  115. Physical Pentest Tools
  116. Hack Tools Pc
  117. Install Pentest Tools Ubuntu
  118. Nsa Hack Tools
  119. Hacks And Tools
  120. Pentest Tools Review
  121. World No 1 Hacker Software
  122. Beginner Hacker Tools
  123. Hack And Tools
  124. Pentest Tools Bluekeep
  125. Nsa Hacker Tools
  126. Pentest Tools Apk
  127. Pentest Tools Nmap
  128. Pentest Tools For Android
  129. Termux Hacking Tools 2019
  130. Hacking Tools Windows 10
  131. Pentest Tools Apk
  132. Hacker Tools Free Download
  133. Hack Tools Pc
  134. Top Pentest Tools
  135. Github Hacking Tools
  136. Pentest Tools For Windows
  137. Hack App
  138. Pentest Tools For Windows
  139. Physical Pentest Tools
  140. Hacking Tools For Mac
  141. Pentest Tools For Android
  142. Pentest Tools Linux
  143. Pentest Tools Online
  144. Hacking Tools Mac
  145. Game Hacking
  146. Hacker Search Tools
  147. Hack Tools Mac
  148. Hacking Tools Download
  149. Hacking Tools Windows 10
  150. Hackrf Tools
  151. Hacker Tools Apk
  152. Hacker Tools Apk Download
  153. New Hacker Tools
  154. Hack Apps
  155. Black Hat Hacker Tools
  156. Hack Tools Download
  157. Blackhat Hacker Tools
  158. Hacking Apps
  159. Pentest Tools Review
  160. How To Hack
  161. Pentest Tools Tcp Port Scanner
  162. Hack Tools 2019
  163. Hacking Tools For Kali Linux
  164. Best Hacking Tools 2020
  165. Hacks And Tools
  166. Hacking Tools Free Download
  167. Pentest Tools For Mac
  168. Hack Tool Apk
  169. Hacking Tools For Windows Free Download
  170. How To Make Hacking Tools
  171. Beginner Hacker Tools
  172. Blackhat Hacker Tools
  173. Pentest Tools