Mixed TCP + UDP multi-source flood
Combines TCP and UDP floods from distributed nodes — closer to real multi-vector attacks.
How it works
- TCP stresses state tables while UDP stresses PPS/bandwidth.
- Mitigation may protect one protocol while the other slips through.
- Engarde TCP-UDPM preset runs both from multi-source nodes.
Packet flow (illustrative)
Engarde node Target
→TCP SYN / ACK flows
→UDP datagram burst
Dual-protocol load on target
Illustrative flow — not a live capture.
Engarde TCP-UDPM
Vectors TCP + UDP
Layer L4 multi
What to watch in Engarde
- Which metric degrades first: connections or PPS.
- Scrubbing policy when both protocols spike.
Running this simulation
Use TCP-UDPM on staging with operator-assist; review dual-protocol charts in Attack Monitor.
Mitigation perspective
Multi-vector playbooks and independent thresholds per protocol.