Overview
Syllabus
Introduction
Who?
DOS Clasification
Classic Application Layer DOS/DDOS
Get Flooding With Spice
The Proposed Method
Lies, Dirty Lies and Statistics
Using Statistics to Normalize the Data Mean as the measure of central tendency • Calculate the mean of all resource download speeds • Calculate the means of each resource download
Speed Distribution
Demo
Attack Like Stage of Testing Measurement of service degradation while doing a hard test for narrowing down the choice of links
Load Balancers
Commercial Protection Services • Few players using limiters for
Using the Tool for Good Identify/Fix resource hogs o Use our tool for this
Playing with Apache Configs
mod_security
mod_limitipconn
mod_qos
mod_bwshare Accepts or rejects HTTP requests from each client IP address, based on thresholds set by past traffic from a particular IP address[8]
mod_evasive
Conflicts with Slow* Attacks
mod_httpbl
Back to the Future
References
Taught by
BruCON Security Conference