Welcome to your wiki!
This is the default page, edit it as you see fit. To add a new page simply reference it within brackets, e.g.: [SamplePage].
The wiki uses Markdown syntax.
NetStress is a DDoS and network stress testing tool.
It's been written in C language for performance reasons; proved to be running on Linux and FreeBSD.
Please note that the project is in beta state. For instance, HTTP GET flood is not fast enough. Share your test results with me to make it better.
Keep in mind that there are so many use cases which are undocumented. Unfortunately, it's my style: non-documented coding :) The cfg directory holds sample configuration files required by some attack types. For fuzzy points, please contact with me.
SYN Flood Attacks
+ SYN flood with static source port
+ SYN flood with random source port
+ SYN flood with static source IP address
+ SYN flood with random source address
+ SYN flood with fragmented packets
ACK Flood Attacks
+ ACK Flood with static source port
+ ACK Flood with random source port
+ ACK Flood with static source IP address
+ ACK Flood with random source address
+ ACK Flood with fragmented packets
FIN Flood Attacks
+ FIN Flood with static source port
+ FIN Flood with random source port
+ FIN Flood with static source IP address
+ FIN Flood with random source address
+ FIN Flood with fragmented packets
UDP Flood Attacks
+ Static source port UDP flood
+ UDP flood with random source port
+ UDP Flood with static source IP address
+ UDP Flood with random source address
+ UDP Flood with fragmented packets
+ ICMP Flood with all options random(source IP, ICMP type, code)
+ Stateless GET Flood
+ Stateless POST Flood
+ GET Flood with spoofed headers
+ POST Flood with spoofed headers
Mixed Flood Attacks
+ SYN+UDP+GET Flood
+ UDP+PUSH Flood
+ UDP+ICMP Flood
DNS Flood Attacks
+ DNS flood with static source ip address
+ DNS flood with static spofed ip address
+ DNS flood with random ip address
+ Root zone amplified DNS DoS
+ Send packets from a subnet like 88.x.x.x.
+ Rate limiting features test
+ Stateful packet inspection tests
+ Country Based Spoof Attacks for Rate Limiting Features
+ UDP,SYN, ACK, FIN, ICMP .. flood attacks with using known country ip blocks as source ip address
First, configure your installation:
# make menuconfig
Note that this command requires libncursesw5 installed on your system. If you don't want to use that way, then just copy one of *.config (e.g., fullrandom.config if you want source IP/port be random) file as .config.
Then compile the codes:
Now, netstress* (suffix depends on your configuration) binary can be executed.
Please note that only root user can run NetStress.
Running netstress without a parameter cause it to print a help message:
$ sudo ./netstress_fullrandom
Metin KAYA <email@example.com> from EnderUNIX SDT [http://www.EnderUNIX.org]
NETSTRESS a.k.a SALDIRAY v3.0.6
--saddr, -s: source address
--sport, -p: source port
--daddr, -d: destination address
--dport, -P: destination port
--file, -f: the full path for the file of dns server list for ampdns flood
--attack, -a: type of attack (ack, syn, fin, udp, dns, ampdns, igmp, winbomb, win98,
get, post, syncook, isssyn)
--process, -n: number of processes
--buffer, -b: size of UDP packet
--dnsqname, -N: hostname which will be queried
--dnsqtype, -t: type of dns query (a, ns, cname, soa, wks, ptr, hinfo, minfo, mx, txt)
--useragent, -u: user agent parameter for http get flood
--help, -h: shows this message
Here is an example SYN flood from source IP address 22.214.171.124 and port 8888 to destination IP address 126.96.36.199 and port 9999 just with 1 process:
$ sudo ./netstress_fullrandom -s 188.8.131.52 -p 8888 -d 184.108.40.206 -P 9999 -a syn -n 1
You don't need to specify source port if you compiled netstress with random source port feature. Same logic is valid for source IP and destination IP/port.
For Python interface:
Python GUI of NetStress depends on python-wx package.
$ cd gui
$ python netstress.py
make komutu verdiğimde şöyle bir hata alıyorum
[root@server1 netstress-3.0.7]# make
rm -f netstress netstress_ src/.o ~ src/~ src/.core
gcc -DVERSION=\"v3.0.7\" -DSTATIC_URL=\"\" -DHTTP_GET_HOST=\""127.0.0.1:80"\" -Wall -W -O2 -Wstrict-prototypes -I./include -Wno-unused-result -DSTATIC_SRC_IP -DRANDOM_SRC_PORT -DRANDOM_URL -c -o src/flood.o src/flood.c
cc1: error: unrecognized command line option "-Wno-unused-result"
make: ** [src/flood.o] Error 1
"uname -a" ve "gcc -v" komutlarinin ciktisini gonderebilir misiniz? gcc surumunuz cok eski muhtemelen.
[root@server1 ~]# uname -a
Linux server1.x.com 2.6.32-042stab078.26 #1 SMP Mon Jul 8 10:17:22 MSK 2013 i686 i686 i386 GNU/Linux
[root@server1 ~]# gcc -v
Using built-in specs.
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --enable-checking=release --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-libgcj-multifile --enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk --disable-dssi --disable-plugin --with-java-home=/usr/lib/jvm/java-1.4.2-gcj-220.127.116.11/jre --with-cpu=generic --host=i386-redhat-linux
Thread model: posix
gcc version 4.1.2 20080704 (Red Hat 4.1.2-54)