Denial of Service tests (DoS)

Providing services through the Internet and Web technologies represents for the company a substantial part of their business (e.g. banks, e-commerce) in these days. This fact is obvious for the attackers too, who – in the competitive struggle – are trying to harm their operators disabling the service. How are you ready for this?

Goal of the test

The purpose of the test is to verify the resistance against the attacks of services designed to denial of access to services operated by excessive operating load. The aim of the attack (and therefore the tests) can be a variety of services to the customer, usually web applications or email, or infrastructure components (routers, DNS).

Most often is for operators critical some of the web application that presents or conveys the main business of the company. Therefore, it is most often the web server services, respectively path that leads to it (routers, firewall, line).

The test progress

Test can be done at your chosen time and prevent problems with the availability for regular visitors or customers. Tests are also usually made ​​in the form of short probes, it is not necessary a global long-term outage of your services.

Tests possibilities

  • Packet flooding (TCP SYN flood, UDP flood)

  • HTTP(s) flooding (number of connection)

  • Congestion by specific requirements that require non-trivial processing on the server side

Optional tests

  • E-mail DoS

  • DNS DoS

Possible extensions

Creating an emergency scenario in the case of DoS attack and failure

Benefits for you

  • Information about loads that your infrastructure is ready

  • Identification of vulnerable components

  • Designing countermeasures

The greatest benefit is achieved with the web application penetration test, which can detect vulnerabilities applicable to DoS attack.

Any questions?

If you are interested in more details please contact us.

Ask by e-mail