
When we perform a stateful ThreatEx test in Avalanche, what exactly are the "packets sent" and "packets received" in the "Attack Real-Time" results?


When we configure a stateful attack in Avalanche and there is no "defending" DUT in the middle, we expect that for every packet we send from the client, the targeted server will respond with a packet, for example a 200 OK. This scenario shows that there is no defense in our network and that the server considers our requests safe. It can be achieved by configuring a "ThreatExTCP" server to which we address our requests.

In the "Attack Real-Time" results, we can measure the percentage of packets sent from the client against the packets received by the client, which shows how many of our bad packets were blocked in the network.

Example 1: All packets sent were answered by the server and the Blocked percentage is 0%

In this trace we can see that every request sent from the client is answered with a 200 OK:

In the Attack Real-Time results, we can see that the "Blocked %" is 0, since for every request we received an answer from the server:

Example 2: The server blocks 50% of the Attacks sent from the client

In this trace we can see that for the first request we receive a packet from the server, but after the second request the server sends a RST:

So in the Attack Real-Time results we can see that 50% of the packets were blocked:

Product : Avalanche,Vulnerability,Avalanche