Distributed denial of service (DDoS) attacks have become an enormous risk, shutting down businesses, halting bank transactions and disrupting government communications. This past summer, DDoS attacks were rampant, most notably in July, when cyber attacks, created with the help of botnets, targeted a number of government, news media and financial Web sites in South Korea and the United States. Just a month later, several social networking services, including Twitter, Facebook and Google, were struck with DDoS attacks, crippling services for hours. As DDoS and botnet attacks have become more frequent and damaging, it has become more important to test network equipment and application servers with these same attacks in mind. Only through realistic attack simulation can you determine how equipment and the network will respond under attack. The “BreakingPoint DDoS and Botnet Test Methodology” replicates a variety of attacks to help users find their network weaknesses before others do. Such attacks include the following: DDoS attacks designed to consume all available bandwidth, all disk space or all available CPU cycles DDoS attacks designed to disrupt important information flow such as routing tables by injecting false routes, thus causing packets to be misrouted DDoS attacks designed to break the physical layer of the network and obstruct the communication between the end point and the user Botnet attacks designed to send large quantities of unsolicited e-mail to trigger Delivery Server Notifications to spoofed originating email addresses

1. Preparing for DDoS and Botnet Attacks BreakingPoint Webcast and Test Methodology 11/05/09