[測試] 【轉貼】DoS website with GoldenEye – Layer 7 tool with KeepAlive NoCache

I've talked about testing few DoS tools that can put heavy load on HTTP servers in order to bring them to their knees by exhausting resource pools. GoldenEye is the first of those tools and it is one of the newest I discovered in GitHub.

You can DoS websites with GoldenEye and bring it down almost within 30 seconds depending on how big their memory pool is.

Of course, it won't work on protected servers and servers behind a proper WAF, IDS, but this is a great tool to test your own Web Server for load testing and amend your iptables/Firewall rules accordingly.

I will put several warnings and disclaimers in this post so that even the most feeble minds wont be able to deny reading those.

Full tutorial: http://www.darkmoreops.com/2014/11/22/dos-website-with-goldeneye/

多謝分享

TOP

layer 7 attack is cool idea, but is it http only?

TOP

layer 7 attack is cool idea, but is it http only?
crud 發表於 3/12/2014 16:04

Test it to find out? I am no network engineer....  

TOP

回覆 3# crud

其實CONCEPT上應該好耐己經有..
所以我SEARCH過GOOGLE SCHOLAR,
真係發覺其實都好耐...就咁SEARCH都有10年..

因為有LIMITATION,
所以D 人先用SYNFLOOD之類比較LOWER LAYER既DOS / DDOS ATTACK
(起碼可以SPOOFING IP, SYN FLAG...)

我諗呢個只 0岩 D 連 MULTIPLE IP CONNECTION都唔BLOCK既SERVER..

TOP