Web under pressure: DDoS as a Service
Upcoming SlideShare
Loading in...5
×
 

Web under pressure: DDoS as a Service

on

  • 6,524 views

Any web project has one important efficiency metric: maximum load. This talk will utilize a nontrivial look at stress testing services: we will see how a harmless instrument can be turned into a DDoS ...

Any web project has one important efficiency metric: maximum load. This talk will utilize a nontrivial look at stress testing services: we will see how a harmless instrument can be turned into a DDoS tool.

Statistics

Views

Total Views
6,524
Views on SlideShare
890
Embed Views
5,634

Actions

Likes
0
Downloads
5
Comments
0

11 Embeds 5,634

http://defec.ru 5480
http://www.defec.ru 94
https://twitter.com 37
http://yandex.ru 8
http://cloud.feedly.com 7
http://feedly.com 2
http://w4x1ni.owl.e 2
http://www.inoreader.com 1
http://archive 1
http://131.253.14.98 1
http://prlog.ru 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Web under pressure: DDoS as a Service Web under pressure: DDoS as a Service Presentation Transcript

  • WEB UNDER PRESURE DDoS as a Service Denis Makrushin (@difezza) Kaspersky Lab http://defec.ru/
  • It was like that 2
  • Nowadays : application layer 3
  • Piece of the WEB-bot 4
  • Nowadays: IaaS 5
  • Nowadays: DNS Amplification Disadvantages: • Short life cycle of infected machines • Support clouds with a lot of instances • Trivial generators of traffic 6
  • Burst in tomorrow: SaaS 7
  • DoS, DDoS, stress… 8
  • Load testing as a Service • Legitimate traffic • The load is not limited by owners of service • Cheap load • Many services do not verify actions • User-owned scenarios • Analysis of a victim for a “heavy" content 9
  • Proof of Concept: Loadimpact.com 10
  • Analytics 11
  • Without registration and SMS: loaddy.ru 12
  • SaaS Amplification 13
  • SaaS 4 DDoS • • • • Traffic exchange Whois-services Monitoring services All that "disturbs" the victim 14
  • If you have conscience 15
  • Thanks! Any questions? condifesa@gmail.com twitter.com/difezza http://defec.ru/