16
WEB UNDER PRESURE DDoS as a Service Denis Makrushin (@difezza) Kaspersky Lab http://defec.ru/

Web under pressure: DDoS as a Service

Tags:

Embed Size (px)

DESCRIPTION

Any web project has one important efficiency metric: maximum load. This talk will utilize a nontrivial look at stress testing services: we will see how a harmless instrument can be turned into a DDoS tool.

Citation preview

Page 1: Web under pressure: DDoS as a Service

WEB UNDER PRESUREDDoS as a Service

Denis Makrushin (@difezza)Kaspersky Lab

http://defec.ru/

Page 2: Web under pressure: DDoS as a Service

2

It was like that

Page 3: Web under pressure: DDoS as a Service

3

Nowadays : application layer

Page 4: Web under pressure: DDoS as a Service

4

Piece of the WEB-bot

Page 5: Web under pressure: DDoS as a Service

5

Nowadays: IaaS

Page 6: Web under pressure: DDoS as a Service

6

Nowadays: DNS Amplification

Disadvantages:

• Short life cycle of infected machines

• Support clouds with a lot of instances

• Trivial generators of traffic

Page 7: Web under pressure: DDoS as a Service

7

Burst in tomorrow: SaaS

Page 8: Web under pressure: DDoS as a Service

8

DoS, DDoS, stress…

Page 9: Web under pressure: DDoS as a Service

9

Load testing as a Service

• Legitimate traffic

• The load is not limited by owners of service

• Cheap load

• Many services do not verify actions

• User-owned scenarios

• Analysis of a victim for a “heavy" content

Page 10: Web under pressure: DDoS as a Service

10

Proof of Concept: Loadimpact.com

Page 11: Web under pressure: DDoS as a Service

11

Analytics

Page 12: Web under pressure: DDoS as a Service

12

Without registration and SMS: loaddy.ru

Page 13: Web under pressure: DDoS as a Service

13

SaaS Amplification

Page 14: Web under pressure: DDoS as a Service

14

SaaS 4 DDoS• Traffic exchange• Whois-services• Monitoring services• All that "disturbs" the victim

Page 15: Web under pressure: DDoS as a Service

15

If you have conscience

Page 16: Web under pressure: DDoS as a Service

Thanks!Any questions?

[email protected]/difezza

http://defec.ru/


Democracy Under Pressure

Democracy Under Pressure

Documents
Ports Under Pressure

Ports Under Pressure

Documents
Under Pressure (Queen)

Under Pressure (Queen)

Documents
Andi Under Pressure

Andi Under Pressure

Documents
SCORE - Under Pressure

SCORE - Under Pressure

Documents
Amazonia Under Pressure

Amazonia Under Pressure

Documents
Biomes Under Pressure

Biomes Under Pressure

Documents
Under pressure

Under pressure

Education
’Tablets Under Pressure’

’Tablets Under Pressure’

Documents
Heads Under Pressure

Heads Under Pressure

Documents
STRONG UNDER PRESSURE - Gardner Denver · 2018. 10. 23. · UNDER PRESSURE High Pressure Solutions for Naval Defence Applications. STRONG UNDER PRESSURE Reavell 5437 OFFERING LIFETIME

STRONG UNDER PRESSURE - Gardner Denver · 2018. 10. 23. · UNDER PRESSURE High Pressure Solutions for Naval Defence Applications. STRONG UNDER PRESSURE Reavell 5437 OFFERING LIFETIME

Documents
Performing Under Pressure

Performing Under Pressure

Documents
McAfee SecurityCenter Evaluation under DDoS Attack Traffic · McAfee SecurityCenter Evaluation under DDoS Attack Traffic Sirisha Surisetty, Sanjeev Kumar . Network Security Research

McAfee SecurityCenter Evaluation under DDoS Attack Traffic · McAfee SecurityCenter Evaluation under DDoS Attack Traffic Sirisha Surisetty, Sanjeev Kumar . Network Security Research

Documents
Under Pressure [UP]

Under Pressure [UP]

Documents
Under Pressure - UDHS Choir - WikispacesPressure.pdf · Under Pressure - UDHS Choir - Wikispaces

Under Pressure - UDHS Choir - WikispacesPressure.pdf · Under Pressure - UDHS Choir - Wikispaces

Documents
AKAMAI WHITE PAPER Making a DDoS Protection Plan 8 Best ... · What to Expect from a DDoS attack 1 What to Expect under DDoS Attack: Panic 1 How the DDoS Attack Landscape has Changed

AKAMAI WHITE PAPER Making a DDoS Protection Plan 8 Best ... · What to Expect from a DDoS attack 1 What to Expect under DDoS Attack: Panic 1 How the DDoS Attack Landscape has Changed

Documents
Fluidzation Under Pressure

Fluidzation Under Pressure

Documents
Working Under Pressure

Working Under Pressure

Documents
SOPHIE UNDER PRESSURE

SOPHIE UNDER PRESSURE

Documents
Power under Pressure

Power under Pressure

Engineering
Persevering under pressure

Persevering under pressure

Documents
DDoS Secure Portal Configuration-Under

DDoS Secure Portal Configuration-Under

Documents
Pitch - Under Pressure

Pitch - Under Pressure

Art & Photos
Nanoshells under pressure

Nanoshells under pressure

Documents
Planet Under Pressure

Planet Under Pressure

Technology
A Dynamic Bandwidth Assignment Approach Under DDoS Flood

A Dynamic Bandwidth Assignment Approach Under DDoS Flood

Documents
Speaking Under Pressure

Speaking Under Pressure

Documents
UNDERSTAFFED, UNDER PRESSURE AND UNDER ATTACK

UNDERSTAFFED, UNDER PRESSURE AND UNDER ATTACK

Documents
Grace Under Pressure

Grace Under Pressure

Spiritual
Under Pressure 4 Complete Manual.Rev.Dec.15.00doc · Under Pressure Design Software ... Reviewing Analysis Results ... Under Pressure is NOT an automated pressure vessel design program

Under Pressure 4 Complete Manual.Rev.Dec.15.00doc · Under Pressure Design Software ... Reviewing Analysis Results ... Under Pressure is NOT an automated pressure vessel design program

Documents