Simplified DDoS Testing at Scale
Author: Chuck McAuley. At Ixia, we’ve tried to make it a habit of turning the difficult into easy. With that in mind, we’ve created a new addition to our BreakingPoint Labs: The DDoS Test Lab. This new feature allows users to select a variety of denial of service attacks through a single pane of glass.
If you are a long time BreakingPoint user, you know that we’ve had DDoS testing capabilities in the product for a long time. However, in the past each test case had to be custom tailored to the requirements of the attack. Some attacks required application-level flooding, some required high connection rate attacks on the TCP layer, and even some required bit blasting of IP fragments or specific flag combinations. And while we made examples of the most popular DDoS attacks, it always felt a little clunky.
The DDoS Lab solves this workflow by wrapping around the test components that make each attack unique and reducing the parameterization to a few options. Now, if you want to run a simulation and test your DDoS countermeasures, you are only a few clicks away.
Choose your weapon.
In this first release we’ve focused on some of the most popular attacks from the last year. Reflection attacks abusing DNS, NTP, and SSDP are in there, which according to Verisign’s recent report, have been on the rise. We’ve also included some old but common attacks including SYN Flooding, Fragmentation Attacks, and LOIC (Low Orbit Ion Cannon). And of course plenty of web application attacks, such as Slowloris, RUDY, and HTTP flooding. We will be expanding the diversity and attack library with our Application and Threat Intelligence (ATI) Subscription bi-weekly updates. Besides following reports and trends in the industry, we are always looking for feedback from our customers.
Another new feature of the DDoS Lab is the ability to select IP addresses based on geography. The user can now select incredibly large groups of IP addresses with only a few clicks. The same mechanism can be used to setup the background (in other words: legitimate) traffic as well. To select a geographical region for traffic, simply click on the assignment button and then the country. You’ll get true DDoS emulation at scale.
Britain's former colonies revolt
We are also working on pre-canned test plans that will demonstrate known attacks. The next time you hear one in the news, expect it to show up in the ATI release shortly afterwards. If you have one you’d like to see us make, please let us know.
As you can see, release 8.01 continues our goal of reducing complexity…giving you DDoS testing with only a few clicks of the mouse.
Leverage Subscription Service to Stay Ahead of Attacks
The Ixia BreakingPoint Application and Threat Intelligence (ATI) Subscription provides bi-weekly updates of the latest application protocols and attacks for use with Ixia platforms.