Denis Makrushin - Web under pressure DDoS as a service
16
WEB UNDER PRESURE DDoS as a Service Denis Makrushin (@difezza) Kaspersky Lab http://defec.ru/
-
Upload
defconrussia -
Category
Technology
-
view
400 -
download
3
description
Transcript of Denis Makrushin - Web under pressure DDoS as a service
WEB UNDER PRESUREDDoS as a Service
Denis Makrushin (@difezza)Kaspersky Lab
http://defec.ru/
2
It was like that
3
Nowadays : application layer
4
Piece of the WEB-bot
5
Nowadays: IaaS
6
Nowadays: DNS Amplification
Disadvantages:
• Short life cycle of infected machines
• Support clouds with a lot of instances
• Trivial generators of traffic
7
Burst in tomorrow: SaaS
8
DoS, DDoS, stress…
9
Load testing as a Service
• Legitimate traffic
• The load is not limited by owners of service
• Cheap load
• Many services do not verify actions
• User-owned scenarios
• Analysis of a victim for a “heavy" content
10
Proof of Concept: Loadimpact.com
11
Analytics
12
Without registration and SMS: loaddy.ru
13
SaaS Amplification
14
SaaS 4 DDoS• Traffic exchange• Whois-services• Monitoring services• All that "disturbs" the victim
15
If you have conscience
![Worm DDos Spam - SecurityCN.net · CNCERT/CC CNCERT/CC CNCERTCC_TR_2005-001(Draft) Worm DDos Spam Phishing Spyware Botnet [1] Bot DDos DDos Bot: ±Robo Bot](https://static.fdocuments.in/doc/165x107/5c040e7609d3f203258dac36/worm-ddos-spam-cncertcc-cncertcc-cncertcctr2005-001draft-worm-ddos-spam.jpg)
