web under presure
DESCRIPTION
WEB UNDER PRESURE. DDoS as a Service. Denis Makrushin ( @ difezza ) Kaspersky Lab http://defec.ru/. It was like that. Nowadays : application layer. Piece of the WEB-bot. Nowadays : IaaS. Nowadays : DNS Amplification. D isadvantages : Short life cycle of infected machines - PowerPoint PPT PresentationTRANSCRIPT
WEB UNDER PRESUREDDoS as a Service
Denis Makrushin (@difezza)Kaspersky Lab
http://defec.ru/
2
It was like that
3
Nowadays : application layer
4
Piece of the WEB-bot
5
Nowadays: IaaS
6
Nowadays: DNS Amplification
Disadvantages:
• Short life cycle of infected machines
• Support clouds with a lot of instances
• Trivial generators of traffic
7
Burst in tomorrow: SaaS
8
DoS, DDoS, stress…
9
Load testing as a Service
• Legitimate traffic
• The load is not limited by owners of service
• Cheap load
• Many services do not verify actions
• User-owned scenarios
• Analysis of a victim for a “heavy" content
10
Proof of Concept: Loadimpact.com
11
Analytics
12
Without registration and SMS: loaddy.ru
13
SaaS Amplification
14
SaaS 4 DDoS• Traffic exchange• Whois-services• Monitoring services• All that "disturbs" the victim
15
If you have conscience