gns
is used to benchmark or stress test network services and equipment.
It can operate as either server or client to transfer data over one or more
TCP connection or a UDP stream. Apart from RAW and TLS connections, the tool
also provides HTTP client and WebSocket server. In server mode, the protocol is
selected by the client request, with fallback to RAW if no protocol is detected.
In client mode, the use of protocol is configured from the command line. The
number of TCP connections, packet size, and other options are also set from the
command line. The default packet size is 2 MB for TCP and 1472 bytes for UDP.
Secure connections require a certificate file in the current directory with the
name gvalkov.com.pem
.
gns <- l-- listen> <- p source port> gns < host IP> < port>
Command | Alternative | Description |
---|---|---|
-s | Source IP | |
-p | Source port | |
-c | 1-1024 | Number of connections |
-P | --print | Print packets |
-O | --once | Print only the first packet |
-v | --verbose | Use verbose output |
-q | --quiet | Connect silently |
-L | Packet length e.g. 1472 1405 1422 65112 65507 | |
-U | [count] | Use UDP mode, exit after count packets have been sent |
-u | -udp | Use UDP mode |
-g | -h hostname /path [count] | Send GET/HEAD requests in each packet |
-d | --delay-initial ms | Initial delay between sending packets |
-D | --delay us | Delay between sending packets |
-A | --delay-adaptive [1-18] | Adapts the delay based on feedback for lost packets: |
The number of lost packets is reporoted by the | ||
receiving side. | ||
High values reduce speed variations, but may slow | ||
transfers. | ||
Low values cause the transfer speed to raise faster. | ||
-w | --write | Write to socket |
-W | Accept WebSocket connections | |
-t | --tls | Enable TLS client |
-H | --honeypot | Honeypod mode (disable receive task) |
gns - lp81 gns - lp81 - s192 . 168 . 192 . 77 gns 192 . 168 . 192 . 1 81 - s192 . 168 . 192 . 77 - p81
Normally the program accepts connections or connects to some server,
then reads the incomming packets, which frees system resources and enables
normal communication over the network. If --write
is enabled, the program
also writes data to the socket. The --honeypot
(-H
) switch disables all
receiving tasks. This may jam system resources and disrupt network communications.
Some Wi-Fi cards disconnect, if a client in this mode starts receiving data.
iOS and macOS are likely to kernel panic.
Please do not use this tool for DDoS without permission from the target! It is fully capable of wreaking havoc. The user is liable for any damage caused. Some DSL dvices go offline if targeted over UDP.
Some platforms, notably iOS and macOS have an IP stack which is rather unreliable. This tool is very likely to cause kernel panic if used properly. While this could affect either side of the connection, usually the side sending data is affected. The receiving side may also crash if it lacks resources to process all incoming data in time, or in the case when Honeypot mode is used. The crash is triggered by the system Watchdog, due to resource exhaustion causing critical system services to become unresponsive. A common symptom predating a crash is complete or partial loss of network connectivity and no ICMP replay from localhost. The Apple security team had been notified about this vulnerability on February the 17th 2020. While their team have accomplished a huge improvement, the issue is still exploitable, given enough effort. They have also proven to be extremely hard to work with. When the vulnerability was first discovered, it was as simple as visiting a malicious web page in any browser, and the system would crash. The first web exploit used 128 parallel WebSocket connections sending large packets of data, while with a native application 32 connections were sufficient. In the original vulnerability, there was an instant and permanent loss of network connectivity. Any application attempting to use the network would stop responding until the system is restarted. iOS used to restar in 10 seconds, while macOS took 3 minutes. Demo iOS, macOS.
☂︎ Apple iOS, macOS
☂︎ FreeBSD
☂︎ Linux, OpenWRT
☂︎ Windows