DDoS Testing
Denial of Service (DoS) & Distributed Denial of Service (DDoS) are a significant risk to critical infrastructure and business actors. DDoS testing will show you how you are protected, and how you can defend.
Quant DoS testing: Testing websites and Internet applications without taking them down
Quant DoS testing of websites and Internet applications is an area where P1 Security has pioneered several techniques which are still yet to be matched by other companies. We can test websites and Internet application for their DoS susceptibility without conducting a real Denial of Service. We can evaluate and pinpoint problems in deployed solutions such as: Anycast DNS resolving, DDoS mitigation appliances (Arbor Networks, Load Balancers, …), SaaS availability services, Round-robin distribution, multi-tiered applications, etc.IP DoS simulation: Internet Infrastructure and services load testing
P1 Security has provided several operators, banks, mobile financial services and enterprises with DoS testing of their infrastructure. We use farms of servers to simulate for a short period of time a load comparable to what Denial of Service might deliver.Telecom DoS simulation: SS7, SIGTRAN, IMS, LTE Diameter, LTE S1AP, X2AP telecom signaling load testing
Using our unique capabilities for telecom and mobile signaling manipulation, P1 Security conduct evaluation of resilience of both network architecture and individual network elements in front of Denial of Service attacks. This combines both load testing based on network load generation and robustness testing based on fuzzing techniques. This approach demonstrates a level and diversity matching real conditions, showing unavailability, vulnerabilities and instabilities where traditional testing and call generation techniques fail to reproduce or show problem.Quant DoS testing
- Simple testing of your infrastructure without downtime or maintenance window
- Legal way to evaluate your DDoS preparedness
- Internet Service testing of Web (HTTP), Secure Web (HTTPS), DNS, IP Infrastructure, …
- External and Internal monitoring capability
- One-shot or monthly repetitive evaluation
- Blackbox mode: no specific knowledge nor access needed to perform the audit
- Pinpoints in website which individual network or software component is slowing the overall websites
Telecom DoS simulation
- Testbed-only testing
- Both well-formed and malformed traffic generation
- Combination possible with traditional call flow generators such as Tektronix, IXIA, …
- Focus on overall architecture or single Network Element
- Large support of telecom signaling and media protocols
- SS7, SIGTRAN: SCTP, M3UA, SUA, SCCP, TCAP, MAP, INAP, CAP, ISUP, OMAP, H.248, TUP, BICC, CAMEL, BSSAP, RANAP, SMS PDU
- IMS, LTE: Diameter, S1AP, X2AP, SIP, RTP, SRTP, ZRTP, SGsAP;
- UMA: GAN protocol, UMA
- Messaging: SMTP, Jabber, SMPP
- SDN/NFV: OpenFlow, Proprietary provisionning protocols, OpenStack, NetConf
- SCCP Flooding Attempt – Infrastructure DoS (medium impact)
- TCAP Session Flooding – Infrastructure DoS (high impact)
- VLR Stuffing attack – Infrastructure DoS (high impact)
- Region availability attack – Infrastructure DoS (high impact)
- Billing System flooding – Signaling attack & fraud category (high impact)
- USSD flooding
- MAP PRN flooding
- Hostile Location Update – Targetted DoS (high impact)
- Signaling Decoding Bomb – Signaling attack & fraud category (high impact)
- SCTP Peering Point DoS
IP DoS simulation
- Many farms of load testing servers
- From 1 Gbps to 200 Gbps
- From 20 simulated clients to 20 million simulated clients
- From ISO model layer 3 to layer 7
- Large support of IP protocols: TCP/IP: ICMP, IP, TCP, UDP, SCTP, Multihomed SCTP, DNS, BGP, HTTP, HTTPS, SSL/TLS, Jabber, Multipath TCP
- Progressive growth of traffic generation
- Automated or time-window maintenance scheduling
DoS Testing – Product Description
513 KB ]
©2022