DoS Pen Testing Considerations

When you’re pen testing for DoS vulnerabilities, a major area of concern is taking down integral resources during the testing phase. The ripple effect of taking out a file server or web resource can be pretty far reaching, especially if bringing the system back online proves challenging after a successful DoS test attack. As with all pen testing activities, an agreement between the tester and the client should explicitly define what will be done and the client’s timeframe for when the testing will occur. Also, as always, documenting every step is crucial in every part of the process.