DNS Attack
The DNS Gremlin blocks all outgoing traffic over the standard DNS port (53), optionally constrained by supplied IP addresses. This Gremlin is equivalent to running a Blackhole attack against port 53.
Linux
This Gremlin does not interact with iptables, and so it does not interfere with any existing iptables rulesets.
This Gremlin requires the NET_ADMIN capability, which is enabled for Gremlin by default at installation time. See capabilities(7).
Options
Parameter | Flag | Required | Default | Version | Description |
---|---|---|---|---|---|
IP Addresses | -i IP address | False | | 1.4.7 | Only impact traffic to these IP addresses. Also accepts CIDR values (e.g. 10.0.0.0/24). |
Device | -d interface | False | Device discovery | 0.0.1 | Impact traffic over this network interface. |
Protocol | -P {TCP, UDP, ICMP} | False | all | 1.4.7 | Only impact a specific protocol. |
Providers | WebUI and API Only | False | | 0.0.1 | External service providers to affect. |
Tags | WebUI and API Only | False | | 0.0.1 | Only impact traffic to hosts running Gremlin clients associated with these tags. |
Length | -l int | False | 60 | 1.4.7 | The length of the attack (seconds). |
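
To confirm what the attack actually blocks when it is narrowed by IP address or protocol, a probe can query each resolver on port 53 over UDP and TCP before and during the run. This is an added example, not Gremlin's code: the function names and the sample resolver address are hypothetical, and it reports a timeout as blocked on the assumption that blocked packets are dropped rather than rejected.

```python
import socket
import struct

TXID = 0x1234  # fixed transaction id so the reply can be matched to the query

def build_query(name):
    """Encode a minimal DNS A-record query (RFC 1035 wire format)."""
    header = struct.pack("!HHHHHH", TXID, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def recv_exact(sock, n):
    """Read exactly n bytes from a stream socket."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("connection closed early")
        buf += chunk
    return buf

def probe(resolver, proto, name="example.com", port=53, timeout=2.0):
    """Return 'answered', 'blocked' (timed out) or 'error' for one resolver."""
    query = build_query(name)
    try:
        if proto == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (resolver, port))
                reply, _ = s.recvfrom(4096)
        else:  # DNS over TCP prefixes each message with a 2-byte length
            with socket.create_connection((resolver, port), timeout=timeout) as s:
                s.sendall(struct.pack("!H", len(query)) + query)
                (length,) = struct.unpack("!H", recv_exact(s, 2))
                reply = recv_exact(s, length)
    except socket.timeout:
        return "blocked"
    except OSError:
        return "error"
    if len(reply) < 4:
        return "error"
    txid, flags = struct.unpack("!HH", reply[:4])
    # A valid reply echoes our transaction id and has the QR (response) bit set.
    return "answered" if txid == TXID and flags & 0x8000 else "error"

def survey(resolvers, protos=("udp", "tcp"), **kw):
    """Probe every resolver/protocol pair; compare a baseline run with one during the attack."""
    return {(r, p): probe(r, p, **kw) for r in resolvers for p in protos}

if __name__ == "__main__":
    # Constructed sample address: replace with the resolvers your hosts use.
    print(survey(["192.0.2.53"]))
```

Resolvers outside the supplied IP list, or protocols other than the one selected, should still report answered during the attack; anything else points to a wider blast radius than intended.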