How to legally test the reaction of an outsourced DDoS protection provider to a DDoS attack, similar to a red teaming engagement?

Hello!

I work in a security/pentesting company and in the last year the demand for DDoS testing has dramatically increased. The issue is that the customer is not interested in what I call a mislabeled load test, but wants us to test the reaction time and reliability of the (almost always outsourced, mostly to their ISP) DDoS protection provider they are using for their applications, plus the impact of the countermeasures launched to reduce an ongoing attack (which are usually various blocking rules made by the DDoS protection provider).

I’ve identified several issues – figuring out from where to perform the test to still go though the DDoS protection provider (that’s very often an ISP guarding their perimeter), how to avoid affecting unrelated third parties, and how to scale up the attack to at least trigger the detection thresholds of the DDoS protection provider while still keeping the test legal and price in a reasonable ranges, since the cost-value tradeoff is still pretty important.

Since I’ve given it a lot of though and I was unable to come up with a solution, and there are legal companies (not counting the random sites that take payment in bitcoin, but legit security companies that you contact for a quote), I’m really intrigued about how they do it and what am I missing. Is there anyone here who has experience with similar kind of engagement?

I hope that cross-posting from security stackexchage is ok. Copying the text of the post, since it’s mine, here seems unnecessary, but if it is an issue I will fix it and paste the content here.

Here are more details, with more in-depth description of the approaches I’ve explored (and rejected), and ideas I’ve had for the solution:
How to test the reaction of an outsourced DDoS protection provider to a DDoS attack, similar to a red teaming engagement?

Thank you! The issue is bugging me and I honestly think that it’s a pretty interesting challenge to think about, that’s why I’m also posting it here.

submitted by /u/Mikina
[link] [comments]

German airport websites hit by DDos attacks once again

Experts are investigating the failures of several German airports after some media attributed them to a possible hacking campaign. On Thursday, the websites of several German airports were unreachable, experts launched an investigation speculating a possible cyberattack on a large scale against the critical infrastructure. Ralph Beisel. chief executive of the ADV airport association, confirmed […]

The post German airport websites hit by DDos attacks once again appeared first on Security Affairs.

How do people maintain botnet servers?

Yeah yeah i know that you can change proxies constantly and hide your server and all but like isnt it too less reward for too much work? Like all it takes for you to be caught is a guy to scan his outbound connections and find your backdoor and bam enj…

How to reset Onkyo Amplifier using Shell Commands?

Hey guys,

TL;DR – I got an Onkyo TX-NR646, front panel and remote is unresponsive, but amp works through Wi-Fi. Skip the questions at the end if u dont wanna read the whole story

I am an Onkyo Amp user ( yeah, ik sucks to be me). Bit of a backstory, I owned 2, one of them broke spend 75% of original cost to ship a replacement board from over 6000km away, coz I live in Sri Lanka.

The one I have the problem is with the Onkyo TX-NR646, somewhere around doing a software update it crashed… and you guessed I had to replace the WHOLE DAMN BOARD, coz onkyo thats why.

Past a year or so, everything is fine with the TX till yesterday, the remote and the front panel stopped working, at all. I have to say all the AMP features work 100%, I have connected it to Wi-Fi so I can use the Wi-Fi remote and it works perfectly. But the buttons on the front and the remote do nothing at all. I figured it was a loose ribbon so I opened it up and re connected stuff and still same issue. Somehow the front panel started working, for like 30 seconds and stopped. I resetted it in that time frame and regretted cause now I have no Wi-Fi control either. Somehow I managed to mess around and quickly connected to Wi-Fi before it became unresponsive.

Before anyone mentions, ik a lot about onkyo amps and their problems so I did the usual, power off, disconnect everything blah blah blah. Right not I am not sure if its a software or a hardware problem.

So I booted up my PC and decided to access the Linux Shell of the Amp (telnet). Worked fine, I found a github repo on some EISCRP commands, so it was easy to get by, but now I wanna try two things and that’s what I want your help on.

Question 01 – How to do a fully Software reset of the amp, using the command-line shell?

Question 02 – Can I get a backup (ftp doesn’t work btw) of the entire software to my computer, in case something happens?

Question 03 – Should I do a firmware update (it is already updated to latest) and hope that it starts working again?

Thanks

submitted by /u/OkithaPROGZ
[link] [comments]

Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine

Cisco addressed a critical vulnerability in the ClamAV open source antivirus engine that can lead to remote code execution on vulnerable devices. Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine. The vulnerability resides in the residing in the HFS+ file parser component, an attacker can trigger […]

The post Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine appeared first on Security Affairs.

Argon2 cracking benchmarks vs pbkdf2

Argon2 is growing in popularity as a password derivation function. Does anyone have some benchmarks comparing for example Hashcat doing PBKDF2 vs John the Ripper doing Argon2 – on the same machine / rig? End users choosing Argon2 on Keepass and Bitward…

How do I get a link to a page on a webapp with an unchanging link?

I need to get a link for a specific page on a webapp, but the link in the address bar does not change. I am pretty sure they are using ajax and I am completely sure that they are using Bubble (a codeless web design thing). I specifically need the link …

Community Fridges – pushing concept to public discourse.

Looking to push the concept of Community Fridges to the global discourse.
The concept: Placing fridges in low-income neighborhoods, to allow the public, restaurants, companies to donate food and for anyone who needs it, to freely take it. Allowing the reduction of food waste and donating food to the underprivileged.

Food safety companies donate workers who check the food and/or train volunteers to do so. Trucking companies can donate shipment from food donation locations to the fridges. Elderly residents, who know the community, can volunteer to ‘guard’ the fridges and make sure those who take the food actually need it – providing respect and ’employment’ to these individuals. Everything in this concept requires little funding and allows companies who donate to publicize “contributing to society”, which can raise their public image.

The concept is active in Asia for decades now, started in Europe within the last decade and in the US in the past few years.

I wish to get US celebrities to push the idea, to get it into public discourse.

I know this isn’t directly connected to the topic, I just tried contacting agents, assistants and managers of celebrities and never got a reply or a notice of passing the idea. Think the skills you have may be beneficial to get the concept into the right people.

Examples:

https://www.hubbub.org.uk/the-community-fridge running this in the UK.
Robin Food – A restaurant that collects unsold food from markets, converts it into meals and offers it, pay-as-you-wish, to the public.

submitted by /u/HaRabbiAtta
[link] [comments]

The Auto-mod is a piece of shit

My posts keep getting deleted for no reason. Someone please dial back the bot. I’m a security researcher/professional that is trying to ask a detailed and specific question to the community about recommendations for windows software supporting API scan…