Why DoS testing?
Denial of Service (DoS) attacks disrupt the operation of a service by temporarily overwhelming it. Typically, a DoS attack floods the network with excessive data, but it can also be carried out using other methods.
For web applications with a sales function, such attacks can severely impact sales performance. Customers may be unable to complete purchases for hours, or in the absence of proper monitoring, even for several days.
What do I get after the Tests?
The result of the tests is a comprehensive report highlighting areas for security improvement. All vulnerabilities and anomalies found will be categorized based on risk (according to the Common Vulnerability Scoring System – CVSS) and flagged in the most widely used standards (OVAL, CVE). The report will also include a list of warranty claims to current suppliers, if applicable. A detailed review of the report will be conducted during a closing meeting.
CyberClue doesn’t just provide you with a report—we also offer assistance in implementing all the necessary corrections and improvements. Our team will support you in making the required changes to ensure your systems are fully secure.
Resistance tests against DoS attacks, as needed, can include:
- Simulation of volumetric attacks on external applications, with one or more methods, e.g. Syn Flood, ICMP Flood, DNS re-flection, NTP reflection, SNMP reflection
- Simulation of volumetric attacks on internal applications, with one or more methods, e.g. Syn Flood, ICMP Flood, DNS re-flection, NTP reflection, SNMP reflection
- Simulation of application attacks on external applications, with one or more methods, e.g. Slowloris, Range Header DoS, Slow Read, Slow HTTP Post, http GET Flood, SSL/TLS DoS
- Simulation of application attacks on internal applications, with one or more methods, e.g. Slowloris, Range Header DoS, Slow Read, Slow HTTP Post, http GET Flood, SSL/TLS DoS
- Searching for ReDoS errors
- Searching for XML Bomb type errors