July 31, 2017

What is the maximum bandwidth / throughput of the DDoS test in Gbps?

A: As large as you need. The only practical limit to attack size is permission and budget. The highest bandwidth generated by the platform was 550 Gigabit/sec. The largest Layer 7 attack was over 2 million HTTPS requests/sec.

A single agent is actually capable of sending over 500 megabit/sec (large packets) and at least 50k packets/sec. So 200 agents is capable of sending 100 Gigabit/sec!  In practice it is not wise to run agents this aggressively. It is better to simulate traffic levels generated from real cloud-based botnets.

Instead of super-high levels of traffic from a single attacker it is recommended to start attacks at lower levels, and ramp-up progressively to whatever maximum limit that the test plan indicates.  At each ramp-up step systems are checked for impact. By sending a variety of traffic levels from each attacker it is possible to learn if systems are vulnerable to low traffic levels before an ‘Anti-DDoS’ mechanism activates.

Further, by varying traffic levels across agents makes an attack appear more realistic. The platform allows individual attackers to shape traffic to arbitrary levels to each target tested.

Note that for Layer 7 attacks, the network traffic is ultimately limited by server capacity. Once it is exhausted traffic will likely begin to falter vs. increase.

Meet RedWolf at RSA Conference 2019

Sharjil Khan, Principal Consultant at Redwolf Security Inc will be giving a presentation ‘How to Design and Operate a DDOS Testing Program’ on March 6th between 1:30pm and 4:30pm.

Click here to learn more