Why DoS testing?
Denial of service attacks block the operation of a service by temporarily overloading it. A DoS attack usually means flooding the network with redundant data, but it can also be performed by other methods.
Particularly by sites with a sales function, they can significantly, negatively affect sales results. Customers are sometimes unable to make any purchase on the site for several hours or, in the absence of monitoring, even for several days.
What do I get after the Tests?
The result of the tests is a report with identified areas for security improvement. All vulnerabilities and anomalies found will be grouped according to risk (according to the Common Vulnerability Scoring System – CVSS) and marked in the most common standards (OVAL, CVE). The report will also include a ready list of warranty claims to current suppliers, if identified. The report will be discussed in detail at a sum-up meeting.
CyberClue does not leave you with the report alone. We can also help you make all the necessary corrections and changes.
Resistance tests against DoS attacks, as needed, can include:
- Simulation of volumetric attacks on external applications, with one or more methods, e.g. Syn Flood, ICMP Flood, DNS re-flection, NTP reflection, SNMP reflection
- Simulation of volumetric attacks on internal applications, with one or more methods, e.g. Syn Flood, ICMP Flood, DNS re-flection, NTP reflection, SNMP reflection
- Simulation of application attacks on external applications, with one or more methods, e.g. Slowloris, Range Header DoS, Slow Read, Slow HTTP Post, http GET Flood, SSL/TLS DoS
- Simulation of application attacks on internal applications, with one or more methods, e.g. Slowloris, Range Header DoS, Slow Read, Slow HTTP Post, http GET Flood, SSL/TLS DoS
- Searching for ReDoS errors
- Searching for XML Bomb type errors