HTTP Time Bandit: Identifying and Exploiting Web Application Performance Bottlenecks

OWASP Foundation via YouTube


Classroom Contents

  1. Intro
  2. Classic Application Layer DOS/DDOS
  3. The Proposed Method: Method of detection of the critical resource • Spider over the web site and collect transfer times for each resource • Calculate the average speed and distribution of transfers Id…
  4. Using Statistics to Normalize the Data
  5. Attack Like Stage of Testing: Measurement of service degradation while doing a hard test for narrowing down the choice of links
  6. Commercial Protection Services: Few players using limiters for
  7. Playing with Apache Configs: Baseline, no protection • 1 client running 10x parallel requests of the most expensive resource • 3% CPU on the client machine • Server: i7, 4 core, 8 GB • 98% CPU utilizati…
  8. mod_qos: Implements control mechanisms to provide different priority to requests and control server access based on available resources
  9. Conflicts with Slow* Attack Protection: Slow* attack mitigation is an addition • mod_evasive could not protect from these • There is no conflict (good news)
