Controlling Network Bandwidth

[hhmatt]

I interested in learn more about network load balancing. I'm fairly proficient in networking but have never implemented any sort of load balancing to my knowledge.
I'm interested in:
Popular theory, monitoring a current network for implementation(tools used for multiple platforms) and where is it best to monitor from (server, client, or network hardware), also the hardware/software you use or recommend to implement it.
Looking at it from a security standpoint, can it be defensive, can it be offensive, can it be exploited and possible preventions of exploitation.

Sort of along the same lines I'm also interested in prevention of DDoS.(Related really only in the fact of controlling bandwidth.)
Is it better to use specific hardware devices or some sort of software to assist in prevention. What's the theory behind it? Change IP's and update DNS entries, point the traffic to nowhere, or inform your ISP and let them handle it?
How bad does a DDoS get? Can it be simulated properly in a local environment with 2-4 machines?
How to best simulate a DDoS? Would the diagram below work well or is it possible the hub could get overloaded before the switch and wouldn't work properly?

H|--- Switch --- LAN
u|--- Attacker
b|--- Attacker

Thanks in advance,

hhmatt

[brtw2003]

hi hhmatt,

lot of topics you're requesting.

So some of my recommendations to read/test through:

General simulation:
Must have favorite: http://www.caida.org/home/

Network Simulators

Using usual IP-packet generators, like
-hping3 (DOS-Attacke mit hping3 - hack2learn)
-scapy (Scapy: Massive hacking tool! | SecTechno)

or use the tons of available tools at packet storm:
.:[ packet storm ]:. - http://packetstormsecurity.org/

For covering comprehensive stres testing, I'd highly recommend:
https://www.ee.oulu.fi/research/ouspg/Protos

some interesting analysis tool:

Malware analysis (very interesting) - home [Nepenthes - finest collection -]

and of course to use a 'controlled environment' use honeypot architectures, like
http://www.honeynet.org/project


..and finally network monitoring stuff I'd recommend:

IDS/IPS: Snort + dozen of add-on software
SI(E)M: Ossim, http://www.alienvault.com/community.php?section=Home
RRD: torrus, http://torrus.org/
Ad-Hoc monitoring: etherApe, ntop
Visualization: varios InfoVis toolkits

Key thing for any monitoring solution you are establishing:
have a proper network baseline to start with!

/brtw2003

[hhmatt]

Much appreciated! I've been busy the last couple days but I look forward to reading all of this, Thank you.
The simulation stuff looks fun! It's not something I've heard much about before.
I'm currently working on some malware analysis I have 4 laptops and 2 desktops in front of me and it's still very time consuming but very interesting stuff.
Looking forward to more if anyone has more to add.