web under presure
Post on 24-Jan-2016
42 Views
Preview:
DESCRIPTION
TRANSCRIPT
WEB UNDER PRESUREDDoS as a Service
Denis Makrushin (@difezza)Kaspersky Lab
http://defec.ru/
2
It was like that
3
Nowadays : application layer
4
Piece of the WEB-bot
5
Nowadays: IaaS
6
Nowadays: DNS Amplification
Disadvantages:
• Short life cycle of infected machines
• Support clouds with a lot of instances
• Trivial generators of traffic
7
Burst in tomorrow: SaaS
8
DoS, DDoS, stress…
9
Load testing as a Service
• Legitimate traffic
• The load is not limited by owners of service
• Cheap load
• Many services do not verify actions
• User-owned scenarios
• Analysis of a victim for a “heavy" content
10
Proof of Concept: Loadimpact.com
11
Analytics
12
Without registration and SMS: loaddy.ru
13
SaaS Amplification
14
SaaS 4 DDoS• Traffic exchange• Whois-services• Monitoring services• All that "disturbs" the victim
15
If you have conscience
Thanks!Any questions?
condifesa@gmail.comtwitter.com/difezza
http://defec.ru/
top related