Babble helps keep the internet working

Solid preparation and confidence boost: Validating DDoS readiness and infrastructure investment


Our client, a leading DNS provider, was offering management and registration of a number of global top-level domains and wanted to make sure that the new infrastructure could withstand both peak load and a DNS-based DDoS attack before going live. They commissioned a DDoS attack testing service to ensure that their mitigation, reporting, and monitoring tools were working properly.

Due to the fact that the systems being tested are considered part of the internet infrastructure, the potential cost to the business in terms of reputational damage and loss of revenue was very high. Babble was selected to provide two 90-minute DDoS tests.


The task

After the NDAs and commercial agreements were completed, Babble engineers held a detailed technical consultation to establish the key test parameters.

Load balancer and server rate limiting were in place to restrict the number of requests that could be made over a period of time. These were removed before the tests so that stress tests could also be run.

 Key Test Parameters include:

  1. Required compliance to code of best practice
  2. Test objectives
  3. Systems, people, and risk assessment review
  4. DDoS attack types and parameters

The Test  

The initial attack vector was 500,000 DNS queries per second to FQDNs supplied in a text file, with a mix of UDP-based record lookups using normal and DNSSec-based queries.

On the test date, all key stakeholders connected to a live web conference to communicate with the Babble operations team and view the DDoS attack test portal. The customer could activate the emergency stop procedure at any time to halt the test within seconds.

The volumetric tests measured how many requests per second the infrastructure could handle. The types of requests sent were varied to see how latency and end-user response rates changed under system load.

After the initial tests, a further round of testing was conducted on other smaller data centres to confirm their load and attack capacity.

The results

The client’s system largely passed the test, with some unexpected responses that were investigated using the debugging information. The overall success of the test gave the client confidence that their infrastructure could withstand likely attack vectors without impacting business systems.

Metrics & Reporting:

A copy of the web conference feed and test schedule was provided to the client, as no data is kept during the real-time tests.

Changes Implemented:

Based on the scope of the project and the tests that were run, the client considered themselves prepared for possible DDoS attacks and was able to make additional changes to their systems to provide greater protection during valid heavy loading.

Commercial Value:

The investment in systems and servers for the new data centre has been fully validated. The two-stage testing sequence alleviated uncertainties regarding security posture, load, and system configurations.

““Babble were very thorough in the scoping of the project and the way they conducted themselves was very professional.
We greatly benefited from the test and the confirmation that our deployments carried minimal risk even when under significant load.””

Head of Information SecurityDNS Provider

Security Improvement Programme

  • Strengthen your security posture with an individual approach designed for your business

Find Out More