什么会更好地淹没网络?
1- 打开一个套接字到 http web 服务器并写入数据直到崩溃
2-打开多个套接字并写入数据直到崩溃
3- 打开一个套接字并发送 tcp 数据包直到崩溃
4-打开多个套接字并发送 tcp 数据包直到崩溃?
user1343820
问问题
1310 次
2 回答
3
It sounds like what you are looking to do is to test how the web server reacts to various flavors of Denial of Service attacks.
Something to consider is what is the Denial of Service logic in the web server and how is Denial of Service protection typically implemented in web servers. For instance is there logic to cap the number of concurrent connections or the number of concurrent connections from the same IP or to monitor the amount of traffic so as to throttle it or to disconnect if the amount of traffic exceeds some threshold.
One thing to consider is to not just push lots of bytes through the TCP/IP socket. The web server is interpreting the bytes and is expecting the HTTP protocol to be used. So what happens if you do strange and unusual things with the HTTP protocol as well as other protocols that are built onto HTTP.
For options 3 and 4 it sounds like you are considering bypassing the TCP/IP stack with its windowing logic and to just send a stream of TCP protocol packets ignoring reply packets until something smokes. This would be more of a test of the TCP stack robustness on the server rather than the robustness of the web server itself.
于 2012-06-20T17:40:57.647 回答
2
达到网络饱和的能力取决于网络条件。有可能以这样一种方式编写你的“洪水”,它会减慢你的速度,因为你正在导致中间设备丢弃数据包,并且服务器本身最终没有看到它的最大负载。
您的应用程序应该从一个连接开始,并监控数据速率。如果所有连接的总数据速率继续上升,则继续添加连接。一旦它不再上升,您就达到了吞吐量限制。如果它开始下降,则说明您超出了系统的容量,并且导致拥塞控制启动,或者服务器无法有效处理那么多连接。如果吞吐量限制远低于您的预期,那么您可能需要调试您的网络,或调整您的 TCP/socket 参数。如果是服务器变慢了,您需要对其进行分析以了解它为什么无法处理连接负载。
此外,检查每个连接的数据速率,看看某些连接是否比其他连接快得多。如果发生这种情况,则服务器存在公平问题,也应予以解决。不过,这与服务器和网络性能的关系不大,因为它与良好的用户体验有关。这种问题的存在可能会在拒绝服务攻击中被利用。
于 2012-06-20T17:26:13.807 回答