Thread: Best Indicators of a DDOS attack

  1. #1
    Join Date
    Dec 2012
    Beans
    67

    Best Indicators of a DDOS attack

    Hello people. I'm thinking about setting up some sensors to run some pretend DDOS attacks on like UDP, Flood, Hulk etc. I'm wondering what tools, scripts etc might be useful to measure metrics (which I'm not sure) during an attack. Bandwidth doesn't truly show everything so I would probably want network i/o, cpu load, I don't know whatever else you could think of. I'm just trying to get some ideas of what tools to use (command line) and then I can modify them to pipe the results to a .csv file which I can then grab with envision.js and chart it out.

    I know that's kinda broad but I'm open to anything so please throw me any ideas pertaining to this. Thanks a lot people.

  2. #2
    Join Date
    Apr 2013
    Beans
    48

    Re: Best Indicators of a DDOS attack

    I'm no guru. And I can tell by the question you've asked that you actually know more about this stuff than I do. However, I am in the process of setting up a learning platform for myself. This is a list of the tools that I have found in the repos that *may* be able to give you the information you're looking for. You might want to check them out:

    Ether Ape
    ettercap
    Nmap
    Umit Network Scanner
    Wireshark
    Zenmap

  3. #3
    Join Date
    Dec 2012
    Beans
    67

    Re: Best Indicators of a DDOS attack

    Quote, originally posted by somethingcatchy:
    I'm no guru. And I can tell by the question you've asked that you actually know more about this stuff than I do. However, I am in the process of setting up a learning platform for myself. This is a list of the tools that I have found in the repos that *may* be able to give you the information you're looking for. You might want to check them out:

    Ether Ape
    ettercap
    Nmap
    Umit Network Scanner
    Wireshark
    Zenmap

    Yeah I have most of those...I forgot about nmap tho'. I'm trying to find some tools that I can pipe to a txt or csv file so I can use the data. Basically I'm attempting to dodge learning snmp! lol.

  4. #4
    Join Date
    Apr 2013
    Beans
    48

    Re: Best Indicators of a DDOS attack

    Well I'm still taking baby steps on scripting, but isn't it possible to pipe an output just about anywhere with the right syntax in a shell script?

  5. #5
    Join Date
    Dec 2012
    Beans
    67

    Re: Best Indicators of a DDOS attack

    pretty much

  6. #6
    Join Date
    Sep 2009
    Beans
    41

    Re: Best Indicators of a DDOS attack

    There are some iptables statements we use to log and block brute force attempts...

    active ddos:
    tcpdump
    free
    netstat
    uptime (for load averages)
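
Added example (not part of any post in this thread): a sampler that writes the sources named in post #6 (the load average `uptime` reports, the available memory `free` shows, the socket states `netstat` lists) plus per-interface byte and packet counters as CSV rows, which is what the original question asks for. It assumes Linux `/proc`; the function names, the `PROC` override and the column layout are choices of this example.

```shell
#!/bin/sh
# Added example: sample host metrics to CSV from Linux /proc.
# PROC can be pointed at a saved copy of the files for offline parsing.
PROC="${PROC:-/proc}"

# 1-minute load average (the first figure `uptime` prints).
load1() { awk '{ print $1 }' "$PROC/loadavg"; }

# Available memory in kB (the "available" column of `free`).
mem_avail_kb() { awk '/^MemAvailable:/ { print $2 }' "$PROC/meminfo"; }

# Cumulative "rx_bytes rx_packets tx_bytes tx_packets" for interface $1.
# The colon is replaced first because the kernel may print "eth0:5000".
if_counters() {
  awk -v ifc="$1" '{ sub(/:/, " ") } $1 == ifc { print $2, $3, $10, $11 }' \
    "$PROC/net/dev"
}

# Count IPv4 TCP sockets in state $1, given as the hex code used in
# /proc/net/tcp: 01 ESTABLISHED, 03 SYN_RECV, 06 TIME_WAIT.
# A climbing SYN_RECV count is the usual sign of a SYN flood.
tcp_state_count() {
  awk -v st="$1" 'NR > 1 && $4 == st { n++ } END { print n + 0 }' \
    "$PROC/net/tcp"
}

csv_header() {
  echo "epoch,load1,mem_avail_kb,rx_bytes,rx_pkts,tx_bytes,tx_pkts,estab,syn_recv,time_wait"
}

# One CSV row for interface $1.
csv_row() {
  printf '%s,%s,%s,%s,%s,%s,%s\n' "$(date +%s)" "$(load1)" "$(mem_avail_kb)" \
    "$(if_counters "$1" | tr ' ' ',')" \
    "$(tcp_state_count 01)" "$(tcp_state_count 03)" "$(tcp_state_count 06)"
}

# Usage: ./ddos_metrics.sh --run eth0 1 > metrics.csv
if [ "${1:-}" = "--run" ]; then
  csv_header
  while :; do csv_row "${2:-eth0}"; sleep "${3:-1}"; done
fi
```

The byte and packet columns are cumulative counters, so the rate for an interval is the difference between two consecutive rows divided by the sampling period.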
