[c-nsp] Tool for audit/check router CoPP resistance
Daniel Dib
daniel.dib at reaper.nu
Wed Mar 12 01:14:54 EDT 2008
Hi.
Two tools you should definately check out if you haven't already are Hping
and yersinia. Hping is a tool for crafting packets, you specify TCP or UDP
and port number etc and how often you want to send packets, good for testing
ACL's and CoPP-policies. Yersinia is a tool for flooding CDP and BPDU's etc,
very handy, you can use it to test mls rate-limiters. Also a simple ping -fs
from a *nix box is good for flooding ICMP. If you are really serious about
testing you might want to get your hands on a box from Spirent but they are
quite expensive.
/Daniel
-----Ursprungligt meddelande-----
Från: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] För Robert Hass
Skickat: den 11 mars 2008 16:50
Till: cisco-nsp at puck.nether.net
Ämne: [c-nsp] Tool for audit/check router CoPP resistance
Hi
We'd like to check our Control Planes resistance to DDoS attacks.
We mainly want to check this on our 7200VXRs, 6500 and 7600 where
CoPP is deployed.
Is any good tool to simulate DDoS network ? We have few test servers
which can be used as 'enemies'. Tool can be for Windows/Linux/*BSD or
even MacOS X.
Robert
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list