Skip to content
/ deep-immersion Public

Library (and command-line interface) for testing counter-DoS security features of highly performant and abuse-aware domain name servers

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

parthenogen/deep-immersion

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits
.github/workflows
.github/workflows
 
 
cmd/funky-orca
cmd/funky-orca
 
 
pkg
pkg
 
 
README
README
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

Deep Immersion is a library formalising a framework for simulating
denial-of-service (DoS) attacks against the Domain Name System (DNS), for the
express purpose of testing security features of highly performant and
abuse-aware DNS servers.

WARNING: Abuse, misuse, or incompetent use of the contents of this repository
may result in practical and legal consequences. Please ensure that proper
authorisation and containment are in place before installation and execution.

THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

The library defines the components of such an attack simulator. These are:
  * "Sources" for generating domain names;
  * "DNS clients" for exchanging queries and responses with the DNS server
    under test, for each of those domain names;
  * "Inspectors" for evaluating those responses;
  * "Error handlers" for handling any errors encountered by those clients; and
  * A "conductor" for controlling the rate and timing of those queries.

A "driver" facilitates the flow of information between the components and
coordinates their concurrent execution. Multiple instances of the same type of
components can run in parallel if the driver is so configured.

From the perspective of the driver, all components are swappable. Various
components can therefore be written and the driver accordingly configured to
suit specific testing needs as long as those components conform to interface
definitions. It follows that many variants of Deep Immersion could emerge from
the combination of compatible components.

A minimal sample of the components can be found in their respective packages
with accompanying unit tests. More components could be added to those packages,
although implementers are free to import compliant components from elsewhere.

About

Library (and command-line interface) for testing counter-DoS security features of highly performant and abuse-aware domain name servers

Topics

dns security penetration-testing

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

funky-orca-v0.1.3 Latest
Mar 13, 2023

Packages

No packages published

Languages