display | more...

Packet cannon is a term for a device which "shoots" a large number of network packets at some target very quickly. Such things are useful for several tasks, such as security scanning, load testing of network devices, and denial of service attacks.

Generally, the overhead on a router is not per byte, but per packet. That is, processing twenty 40-byte packets is about twenty times more work than processing a single 800-byte packet. This is because routers have to examine each packet's headers to figure out where it needs to go, while the data in the packet can just be copied over without examining it at all. So unless you have made a substantial investment in Juniper hardware, be prepared to watch your routers get very unhappy; I've seen medium-level Ciscos drop hard after only a few thousand packets per second. I once heard that a guy at work permanently destroyed the cheapo Netgear switch he had on his desk when he tried to load test the core router through it, though maybe somebody was just bullshitting.

A simplistic packet cannon is ping in flood mode, which sends ICMP packets as quickly as possible. The best packet cannons are machines with fast network connections, and preferably hardware assisted network stacks, especially once you get something faster than an OC-3.

A more accurate term for this sort of thing might be "packet machine gun", with "packet cannon" being reserved for devices which fire 64K IP datagrams at something.

Log in or register to write something here or to contact authors.