July 31, 2017
Can you generate a “war games” scenario where blended or mixed attacks are used, and attacks are changed to address implemented countermeasures?
Yes, many options are available. Since the system is very visual it is possible to easily define tests that:
BLEND MULTIPLE VECTORS TO SINGLE TARGET
e.g. A DNS Server can be hit with a ‘DNS Positive A Query’ flood, a ‘DNS Bad Protocol’ flood, a ‘DNS Reflection Attack’ all simultaneously.
e.g. An HTTP server can be hit with multiple variations of ‘SLOW’ attacks (e.g. Slow Loris, Slow Read, Slow Write, Slow Range Attack) while at the same time being targeted with a WAF-overload attack.
SINGLE VECTORS TO MULTIPLE TARGETS
It is possible to define one attack vector icon and “n” target icons and within seconds modify the flow of attack traffic to add new targets, or remove targets. Multiple targets are as easy as a single target.
MULTIPLE VECTORS TO MULTIPLE TARGETS
e.g. HTTP to web services, SMTP to mail servers, DNS to DNS servers and SSDP to other servers with no restrictions. Each target can have its own traffic shaping limits specified (e.g. send no more than 10 megabit/sec to DNS).
ROTATE ATTACKERS IN/OUT OF ATTACK
e.g. add east-coast attackers, remove west-coast, pause/start a single attacking IP, lower the entire attack to come from a single IP address and then instantly change to hundreds.
MODIFY ANY ATTACK PARAMETER IN REAL-TIME
e.g. attack size, TCP thread concurrency, protocol types, packet-sizes, URL’s, cookies, etc…
START/STOP ATTACK VECTORS AT ANY TIME WHILE KEEPING OTHERS RUNNING
e.g. a monitoring scenario can be run while various attack scenarios are started/stopped. The multiple scenarios can be running simultaneously. Multiple attack scenarios can be run simultaneously within the same scenario or multiple scenarios can be run in parallel.