• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Trends in Web Attacks
 

Trends in Web Attacks

on

  • 3,177 views

Talk on "Trends in Web Attacks" by Arthur Clune.

Talk on "Trends in Web Attacks" by Arthur Clune.
See http://www.ukoln.ac.uk/web-focus/events/workshops/webmaster-2007/talks/clune/

Statistics

Views

Total Views
3,177
Views on SlideShare
3,174
Embed Views
3

Actions

Likes
0
Downloads
57
Comments
0

1 Embed 3

http://www.slideshare.net 3

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Trends in Web Attacks Trends in Web Attacks Presentation Transcript

  • Trends in Web Attacks Arthur Clune [email_address]
  • Talk Overview
    • History of (web) attacks
    • DDOS attacks and economics
    • Botnets
    • Phishing
    • Why do we care about this anyway?
  • A Taxonomy
    • Defacement
    • Resource stealing
    • Denial of Service/DDOS
  • History
  • Prehistory
    • Before the web
      • ftp (anonymous ftp uploads)
      • gopher
      • backdoors
  • Why?
    • Curiosity
    • Status
    • ‘Fame’
    • Disk space was expensive!
  • Morris Worm
    • 1988
      • Not web based!
      • First self spreading worm
  • Early Web
    • Individual attacks
    • Mainly motivated as before
  • Trinoo/Stachledract
    • 1999
    • First large scale DDOS tool
    • University of York was among the victims!
  • Code Red/Nimbda
    • 2001
    • Caused extensive problems (network traffic/instability)
    • First really big worm
  • SQLSlammer
    • 2003
      • Attacked Microsoft SQL Server
      • Fastest spreading worm ever
      • How many of your web sites rely on a database?
  • Misc Stuff
    • Also at this time:
      • MS Frontpage extensions
        • Edit your webpage remotely…oh, but so can other people.
  • Digression
    • Zone-h defacement archive demo
  • Witty Worm
    • 2003
    • First worm aimed directly at a web server
      • MS IIS
    • Followed by Sasser
  • Moving to webapps
    • First php worm - 2004
      • Attacked phpBB
    • It’s now most common to attack applications not webservers themselves
  • Pure web worms
    • 2006
      • MySpace worm
        • Spread only within MySpace profiles
        • A ‘Web 2.0’ worm?
  • Distributed Denial of Service ‘Nice website you’ve got there. Shame if anything happened to it’
  • DDOS - Why bother?
    • It’s not about the frame
    • Sometimes it’s about Money
  • DDOS II
    • How it works
    • Targets
      • Gambling
      • Porn
      • Anyone with money
  • Botnets 0wning the internet for fun and profit
  • Botnets
    • Botnets are sets of machines, all controlled by a ‘bot herder’
    • Often machines are infected when visiting a website
    • Largest botnet found so far had > 1,000,000 machines in it
  • Botnet example
    • Demo of botnet from UK Honeynet data
  • Phishing There’s one born every minute
  • Phishing
    • Different types:
      • 401 scams
      • Bank scams
    • Some of these are very realistic
    • Banks don’t always help themselves
  • Phishing 2
    • Example of a phishing attack from UK Honeynet data
  • Am I bovered? Or, why this affects web managers
  • How have things changed?
    • Attacks often less personal, but bigger
    • DDOS attacks can be too big to resist
    • Web servers valuable as a way of spreading exploit code
    • It’s not about fame anymore, but money
  • How does this affect you?
    • Reputational loss
    • Potential for damages if you can’t show due care
    • Copyright violations on your servers
    • DDOS attacks against you
  • What can we do?
    • Follow best practice
    • Occams razor - don’t multiply servers!
    • Code audit/review/pen-testing
    • Network design (DMZs, firewalls etc)
  • Questions?