Offline
We have played around with Wireshark and various tools to simulate an attack. One of the big problems is how to tell when you are being attacked. Wireshark can detect various types of packets and you can filter for say ICMP packets which ping uses, but there are more sophisticated programs out there. This article covers a good list of them and it is a recent article.