Vulcan DoS Vs Akamai

In the past I had to do several DoS security audits, with múltiples types of tests and intensities. Sometimes several DDoS protections were present like Akamai for static content, and Arbor for absorb part of the bandwith.

One consideration for the DoS/DDoS tools is that probably it will loss the control of the attacker host, and the tool at least has to be able to stop automatically with a timeout, but can also implement remote response checks.

In order to size the minimum mbps needed to flood a service or to retard the response in a significant amount of time, the attacker hosts need a bandwith limiter, that increments in a logarithmic way up to a limit agreed with the customer/isp/cpd.

There are DoS tools that doesn't have this timeouts, and bandwith limit based on mbps, for that reason I have to implement a LD_PRELOAD based solution: bwcontrol

Although there are several good tools for stressing web servers and web aplications like apache ab, or other common tools used for pen-testing, but I also wrote a fast web flooder in c++ named wflood.

As expected the most effective for taking down the web server are the slow-loris, slow-read and derivatives, few host were needed to DoS an online banking. 

Remote attacks to database and highly dynamic web content were discarded, that could be impacted for sure.

I did another tool in c++ for crafting massive tcp/udp/ip malformed packets, that impacted sometimes on load balancers and firewalls, it was vulcan, it freezed even the firewall client software.

The funny thing was that the common attacks against Akamai hosts, where ineffective, and so does the slow-loris family of attacks, because are common, and the Akamai nginx webservers are well tunned. But when tried vulcan, few intensity was enough to crash Akamai hosts.

Another attack vector for static sites was trying to locate the IP of the customer instead of Akamai, if the customer doesn't use the Akamai Shadow service, it's possible to perform a HTTP Host header scan, and direct the attack to that host bypassing Akamai.

And what about Arbor protection? is good for reducing the flood but there are other kind of attacks, and this protection use to be disabled by default and in local holidays can be a mess.

Related word

1. Pentest Tools Linux
2. Pentest Tools Windows
3. Pentest Tools Find Subdomains
4. Hack Tools
5. Termux Hacking Tools 2019
6. Computer Hacker
7. Pentest Tools For Android
8. Pentest Tools List
9. Pentest Tools Download
10. Pentest Tools Github
11. Pentest Recon Tools
12. Hack Rom Tools
13. Hacking Tools For Kali Linux
14. Hacker Tools Online
15. Hacking Tools Name
16. Hacker Tools For Mac
17. Hacker Security Tools
18. Wifi Hacker Tools For Windows
19. Pentest Tools Github
20. Pentest Reporting Tools
21. Free Pentest Tools For Windows
22. Hacker Tools List
23. Pentest Tools For Windows
24. Hacking Tools For Games
25. Hacking Tools Kit
26. Hacker Tools For Pc
27. Tools 4 Hack
28. Hack Apps
29. Hacker Tools For Ios
30. Hacks And Tools
31. Hacking Tools Download
32. Pentest Tools Linux
33. Pentest Tools Subdomain
34. Pentest Tools Apk
35. Pentest Tools Url Fuzzer
36. Hacking Tools
37. Hacking Tools Free Download
38. Computer Hacker
39. Hacker Techniques Tools And Incident Handling
40. Pentest Tools Android
41. Pentest Tools Review
42. Hack Tools For Ubuntu
43. What Is Hacking Tools
44. Pentest Tools Alternative
45. How To Hack
46. Hacking Tools Windows 10
47. Game Hacking
48. Pentest Tools For Mac
49. Pentest Tools Alternative
50. Pentest Reporting Tools
51. Hacker Tools Windows
52. Hack Apps
53. Hacker Search Tools
54. Install Pentest Tools Ubuntu