Command-and-control (C2) is the control plane of DDoS attack infrastructure, the channel an operator uses to drive a botnet, and understanding it informs how a DDoS test models a coordinated attack. Through C2, often IRC, HTTP, or peer-to-peer protocols, the operator pushes instructions to the fleet: which target, which vector, what rate, and when to start and stop. The bots poll or listen for these orders and act in unison.
Why it matters in DDoS testing
C2 is why a botnet behaves as one coordinated weapon rather than noise. Attacks can pivot vectors mid-event, pause and resume, or shift targets on command, which is precisely the adaptive behavior a static, scripted test fails to reproduce. Modeling that coordination, simultaneous multi-vector pressure that changes in response to defensive reactions, is what separates a realistic exercise from a fixed load run.
For controlling that pressure safely against live systems, see Running a DDoS Test Without Disrupting Production.