Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Content delivery network and web application firewall

4,309 views

Published on

Topic: Content Delivery Network (CDN) and Web Application Firewall (WAF): A Double Whammy for Hackers?

i) How does CDN and WAF help prevent cyber attack for institutions?
ii) Discussing the defacement of Malaysian Airlines website even though both CDN and WAF were in place.
iii) Techniques to close the gap and building strengths for the future.

Published in: Internet
  • https://www.slideshare.net/MedianovaCDN/why-use-a-content-delivery-network-cdn-128275441?qid=37c2b5f7-24cf-4425-acf6-0b4db5369a6e&v=&b=&from_search=1
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Content delivery network and web application firewall

  1. 1. CONTENT DELIVERY NETWORK AND WEB APPLICATION FIREWALL A Double Whammy for Hackers?
  2. 2. MY BRIEF CREDENTIALS  Principal IT Consultant, CISSP  eBay Bug bounty award.  0-day full CV dump vulnerability on a major job search site.  Work in Silicon Valley California as a software developer during Dot COM boom days.  Email: andrewchong2000@gmail.com
  3. 3. DISCLAIMER  The information presented does not reflect the opinion of my current employer.  The views and opinions expressed are purely from my personal research.  Any product claim, statistic, quote or other representation about a product or service should be verified with the manufacturer or provider.
  4. 4. MAIN TOPICS  How does CDN and WAF help prevent cyber attack for FI?  Discussing the defacement of Malaysia Airlines Website even though both CDN and WAF were in place.  Techniques to close the gap and building strengths for the future.
  5. 5. REMINDER  This presentation is not:  To tell you to be compliant to MAS TRM guidelines which you already knew.  To tell you the “defense-in-depth” theories which you already knew.  To tell you the dangers and motivation of Cyber Attacks, DDoS attacks, Malware which you already knew.  To tell you the to give users awareness training which you are already knew.  To tell you how to create governance process which you already knew.  Blah Blah...  The objective is not to bored all the Ninjas here! 
  6. 6. AGENDA
  7. 7. PREPARING A DDOS ATTACK DEFENCE  Purchase an On-Premise DDoS Mitigation Appliance  E.g. Fortinet, Juniper Network, CISCO Guard  Purchase a DDoS Mitigation Service from your ISP  E.g. Clean-Pipe service, Level3  Purchase a DDoS Mitigation Service from a specialized mitigation service provider  E.g. Akamai, Incaptula, CloudFlare, DOSarrest, ARBOR Examples of CDN+WAF, or “Scrubbers” technology providers
  8. 8. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  9. 9. TRADITIONAL ARCHITECTURE
  10. 10. TRADITIONAL ARCHITECTURE
  11. 11. TRADITIONAL ARCHITECTURE  So how to solve it?  Solution: Servers are always close to you!
  12. 12. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  13. 13. WHAT IS A CONTENT DELIVERY NETWORK (CDN)?  A Content Delivery Network (CDN) is a network of servers hosted by a service provider in multiple locations of the world so that the content could always be served from a server that is nearest to the consumer requesting for it.  A CDN consists of two key components:  The Origin Server(s) – the content source server.  Cache / Edge servers – the servers that the client see and request for content.
  14. 14. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  15. 15. CDN ARCHITECTURE  CDN Network Architecture
  16. 16. CDN ARCHITECTURE  CDN uses DNS CNAME record to hide your origin (source) server.  www.dbs.com.sg A record is 23.204.171.241  The “A” in “A” record stands for Address. “A” record is used to find the address of a computer connected to the internet from a name.
  17. 17. CDN ARCHITECTURE  23.204.171.241 belong to Akamai.
  18. 18. CDN ARCHITECTURE  po.dbs.com.sg is the SOA or primary DNS server  SOA stands for Start Of Authority
  19. 19. CDN ARCHITECTURE  CDN can also protect your primary/master DNS server (SOA)
  20. 20. CDN ARCHITECTURE  Client request logo.png on images.mydomain.com  The DNS system finds the CNAME and redirects the request to the CDN.  If logo.png is not found or expired in the CDN, it is requested from the Origin server and refresh the cache in the CDN.  The CDN response to the Client request with the logo.png.
  21. 21. CDN ARCHITECTURE  Request Flow: DNS  CDN  Origin  CDN have the ability to “pull” content from their origin server during HTTP requests in order to cache them.  Beside GET request, CDN can also proxy POST requests.  Do check with your CDN provider to block PUT, TRACE, DELETE, CONNECT, which are unsafe HTTP methods.
  22. 22. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  23. 23. KEY BENEFITS OF ENTERPRISE CDN  Faster site performance  High availability  Web application firewall (WAF)  DDoS protection  DNS DDoS and attack protection  Virtually real-time statistics  CDN vendor threats monitoring (managed service)
  24. 24. KEY BENEFITS OF ENTERPRISE CDN  Other Hidden Benefits!  CDN vendor manage your SSL certificates lifecycle.  Wildcard SSL certificates are implemented on the edge servers.  “Free” threats consultation from CDN vendor.  Lessen your company cyber-ops workload  Less need to trigger technical control to block attackers  Less need to escalate threats to internal teams  Lessen the effort to fine tune WAF configurations as compared to implementing your own WAF.  Reduce overall operation cost.
  25. 25. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  26. 26. KEY BENEFITS OF WEB APPLICATION FIREWALL (WAF)  “Most” Layer 7 attacks can be blocked before reaching the web server.  A “fast” solution to block vulnerable applications from attacks.  Newly discovered application threats like “Path Relative Stylesheet Import” (PRSSI) vulnerabilities can be protected by updating the WAF signatures.  Block automated scanners using signatures and rate control.  Legacy applications can be protected while the application take time to be upgraded.
  27. 27. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  28. 28. CDN AND WAF ARCHITECTURE
  29. 29. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  30. 30. WAF WEAKNESS  WAF is not possible to protect all layer 7 attacks.  E.g. Application business logic bypass  WAF uses regular expressions to block matching attack patterns.  WAF regex needs to be constantly fine tune and improve to block clever attacks.  Due to the bad coding of the application design, specific WAF rules are often disable or set it to “warning” mode in order to allow the application to work.
  31. 31. WAF WEAKNESS  WAF can be bypassed given the attack enough time to figure out.  Example: Blind SQL Injection WAF regular expression bypass  Substring keyword is block. However, left and right keywords are ok!  Block  and+ascii(substring((SELECT%20db_name()),1,1))%3d70  Bypass  and+ascii(right(left((SELECT%20db_name()),1),1))%3d70  and+ascii(right(left((SELECT%20db_name()),2),1))%3d70  ...
  32. 32. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  33. 33. CDN WEAKNESS  Normal domain name request  DNSIPCDNORGIN
  34. 34. CDN WEAKNESS  What if? DNSIPCDNORIGIN  Just because your origin server's IP address is no longer advertised over DNS, it's still connected to the internet!  If your IP address is not kept secret, attackers can bypass the CDN to attack your servers directly!
  35. 35. CDN WEAKNESS  Attacking the Origin Server Weak Point DDoS Origin IP
  36. 36. CDN WEAKNESS  Common default Origin naming by CDN providers  ORIGIN.<domain name>  ORIGIN.<sub>.<domain name>  DIRECT.<domain name>  <domain name>.CDN.<CDN domain name>  Try typo error naming:  ORIGN  ORGIN
  37. 37. CDN WEAKNESS  Akamai debug HTTP request pragma headers  Source: http://mesmor.com/2012/03/18/akamai-pragma-debug-headers/  Pragma: akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-check-cacheable, akamai-x-get-cache-key, akamai- x-get-extracted-values, akamai-x-get-nonces, akamai-x-get- ssl-client-session-id, akamai-x-get-true-cache-key, akamai-x- serial-no  curl -s -I -H "Pragma: akamai-x-get-true-cache-key " http://www.malaysiaairlines.com
  38. 38. CDN WEAKNESS  HTTP/1.1 200 OK  Date: Tue, 10 Feb 2015 04:43:34 GMT  ETag: "12fc58b-2b88d-50eb3ec99f1c0"  Server: Apache  X-Cache: TCP_IMS_HIT from a23-220-203-15.deploy.akamaitechnologies.com (AkamaiGHost/7.1.0.2-14656242) (-), MISS from 10.88.3.70, MISS from 10.88.3.70  X-Serial: 1456  X-Cache-Key: /L/1456/211307/1h/origin.www.malaysiaairlines.com/my/en.html  Content-Type: text/html; charset=UTF-8  Cache-Control: no-cache  Last-Modified: Tue, 10 Feb 2015 04:00:15 GMT  X-Frame-Options: SAMEORIGIN  Proxy-Connection: Keep-Alive  X-True-Cache-Key: /L/origin.www.malaysiaairlines.com/my/en.html  X-Check-Cacheable: YES  X-Akamai-Session-Info: name=AKA_PM_BASEDIR; value=  X-Akamai-Session-Info: name=AKA_PM_CACHEABLE_OBJECT; value=true  X-Akamai-Session-Info: name=AKA_PM_DEV_CHAR_IS_MOBILE; value=false; full_location_id=is_mobile  X-Akamai-Session-Info: name=AKA_PM_FWD_URL; value=/my/en.htm Default and guessable origin name!
  39. 39. CDN WEAKNESS  CDN providers also provide customers with staging CDN platform.  CDN staging platforms allows customers to test the changes before implementing on production CDN.  Theoretically, staging platform will be less “robust” than the production platform.  CDN staging platform may not be monitored at all! A good way for hackers to test for vulnerabilities without being caught or alerted.  To find the staging platforms url, just google it and guess it!  Or simply sign-up for the CDN provider service to find out! 
  40. 40. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  41. 41. CASE STUDY: MALAYSIA AIRLINES INCIDENT (26-JAN-15)  Source: http://www.theguardian.com/world/2015/jan/26/malaysia-airlines- website-hacked-by-lizard-squad
  42. 42. CASE STUDY: MALAYSIA AIRLINES INCIDENT (26-JAN-15)  Name Server (NS) is akam.net (using Akamai CDN! Holy S***)  Start Of Authority (SOA) is barbara.ns.cloudflare.com  Why 2 CDN vendors? Really?
  43. 43. CASE STUDY: MALAYSIA AIRLINES INCIDENT (26-JAN-15)  HTTP Response Header  Server: LIZARDSQUAD  Who will bother to change the server banner after a defacement? (e.g. modify httpd.conf, registry)  Most likely it is a DNS hijacking attack!
  44. 44. CASE STUDY: MALAYSIA AIRLINES INCIDENT (26-JAN-15)  Source: http://www.computerworld.com/article/2874928/malaysia-airlines- claim-dns-hijacked-site-not-hacked-but-attackers-threaten-data-dump.html
  45. 45. CASE STUDY: MALAYSIA AIRLINES INCIDENT (26-JAN-15)  Source: http://www.washingtonpost.com/news/morning- mix/wp/2015/01/26/lizard-squad-hacks-malaysia-airlines-claiming-link-to- islamic-state/
  46. 46. CASE STUDY: MALAYSIA AIRLINES INCIDENT (26-JAN-15)  Phishing attack possible cause.  Source: http://www.tnooz.com/article/explainer-malaysian-airlines- website-attack/
  47. 47. CASE STUDY: MALAYSIA AIRLINES INCIDENT (26-JAN-15)  After site went back to normal, the DNS records are as follows:  SOA is now rusa.skali.com.my  Is this the correct SOA?  Or they’ve move out of Cloudflare?
  48. 48. CASE STUDY: MALAYSIA AIRLINES INCIDENT (26-JAN-15)  Search historical DNS records using DNSHistory.org  Malaysiaairlines.com SOA is rusa.skali.com.my!
  49. 49. CASE STUDY: MALAYSIA AIRLINES INCIDENT (26-JAN-15)  Malaysiaairlines.com domain Registrar is Webnic.cc  Webnic.cc got compromised? Most likely... But no public news to confirm.
  50. 50. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  51. 51. CASE STUDY: LENOVO INCIDENT (25-FEB-15)  Source: http://www.theguardian.com/technology/2015/feb/26/lenovo-website- hacked-and-defaced-by-lizard-squad-in-superfish-protest
  52. 52. CASE STUDY: LENOVO INCIDENT (25-FEB-15)  Source: http://www.eweek.com/security/lenovo.com-hacked-but-soon- restored-after-intervention-by-cloudflare.html
  53. 53. CASE STUDY: LENOVO INCIDENT (25-FEB-15)  Source: https://twitter.com/lizardcircle
  54. 54. CASE STUDY: LENOVO INCIDENT (25-FEB-15)  The EPP Authorization Code is basically a password for the domain and is one of the most powerful safeguards against unauthorized transfers of a domain name.  In other words, EPP Authorization Codes are an extra security measure ensuring that only the actual domain name owner is able to initiate an outgoing domain transfer towards another Registrar Client locked EPP code
  55. 55. CASE STUDY: LENOVO INCIDENT (25-FEB-15)  Source: https://twitter.com/lizardcircle  Lenovo emails has also been hijacked due to the DNS hijacked.
  56. 56. CASE STUDY: LENOVO INCIDENT (25-FEB-15)  Source: http://krebsonsecurity.com/2015/02/webnic-registrar-blamed-for- hijack-of-lenovo-google-domains/
  57. 57. CASE STUDY: LENOVO INCIDENT (25-FEB-15)  Source: http://krebsonsecurity.com/2015/02/webnic-registrar-blamed-for- hijack-of-lenovo-google-domains/ Rootkit!
  58. 58. CASE STUDY: LENOVO INCIDENT (25-FEB-15)  What is a Rootkit?  A Rootkit is a stealthy type of malicious software, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.  Damages: A Rootkit might covertly steal user passwords and sensitive data or conduct other unauthorized activities.
  59. 59. CASE STUDY: LENOVO INCIDENT (25-FEB-15)  Webnic registrar offline for around 5 days after the incident.
  60. 60. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  61. 61. DNS HIJACKING PREVENTION BEST PRACTICE  Major DNS Hijacking incidents
  62. 62. DNS HIJACKING PREVENTION BEST PRACTICE  DNS Hijacking aka Domain Theft is the process by which the registration of a currently registered domain name is transferred without the permission of its original registrant, generally by exploiting a vulnerability in the domain name registration system.
  63. 63. DNS HIJACKING PREVENTION BEST PRACTICE  Registrar Clients locks:  Purpose: To prevent unauthenticated changes.  clientUpdateProhibited  clientTransferProhibited  clientDeleteProhibited  This is useless when the attacker has obtain the credentials to a registrar account.  Source: https://blogs.akamai.com/2015/01/dns-hijacking-dangers-and- defenses.html
  64. 64. DNS HIJACKING PREVENTION BEST PRACTICE  Registrar Servers locks:  Purpose: The registrar will contact the previously agreed upon admin contact to verify the changes.  Requires call back to a specified phone number  Only certain individuals can make changes  serverUpdateProhibited  serverTransferProhibited  serverDeleteProhibited  Source: https://blogs.akamai.com/2015/01/dns-hijacking-dangers-and-defenses.html
  65. 65. DNS HIJACKING PREVENTION BEST PRACTICE  After the incident, Malaysia Airlines implemented both Registrar Client Lock and Registrar Server Lock.
  66. 66. DNS HIJACKING PREVENTION BEST PRACTICE  After the incident, Lenovo implemented both Registrar Client Lock and Registrar Server Lock.
  67. 67. DNS HIJACKING PREVENTION BEST PRACTICE  Most domains implement Registrar Client Lock only to avoid inconvenience when there is a need for fast turnaround time.  Example: www.dbs.com.sg
  68. 68. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  69. 69. QUESTIONS TO ASK YOUR DOMAIN REGISTRAR  Choose a reputable Domain Registrar. Do your research by asking the following questions:  Q1: What are my authentication options?  Q2: How will authorized changes be verified?  Q3: Can I lock changes to a call back number?  Q4: Backup plan when primary authentication method fails?  Q5: Can the above be circumvented via API, Rookit or portal?
  70. 70. AGENDA 1. Preparing a DDoS Attack Defence 2. Traditional Architecture 3. What is a Content Delivery Network (CDN)? 4. CDN Architecture 5. Key Benefits of Enterprise CDN 6. Key Benefits of Web Application Firewall (WAF) 7. CDN and WAF Architecture 8. WAF Weakness 9. CDN Weakness 10. Case Study: Malaysia Airlines incident (26-Jan-15) 11. Case Study: Lenovo incident (25-Feb-15) 12. DNS Hijacking Prevention Best Practices 13. Questions to ask your Domain Registrar 14. CDN Security Protection Best Practices
  71. 71. CDN SECURITY PROTECTION BEST PRACTICES  Don’t use guessable origin domain name. The attacker can guess the origin system DNS record to bypass the controls. Or using Shodan (http://shodanhq.com).  E.g. origin.www.<domain name>
  72. 72. CDN SECURITY PROTECTION BEST PRACTICES  Disable CDN debugging features. The debugging information can be used by attacks to design a DDoS attack.
  73. 73. CDN SECURITY PROTECTION BEST PRACTICES  Only allow your Origin server to communicate with your CDN servers by white-listing the CDN servers on your firewall.
  74. 74. CDN SECURITY PROTECTION BEST PRACTICES  Only allow your Primary DSN server to communicate with your CDN DNS servers by white-listing the CDN DNS servers on your firewall.
  75. 75. CDN SECURITY PROTECTION BEST PRACTICES  To prevent Direct-to-Origin attacks  Subscribe to your ISP Clean-Pipe service or to a Scrubber service provider.
  76. 76. THANK YOU! References:  https://www.incapsula.com/blog/  https://blogs.akamai.com/2013/08/bypassing-content-delivery- security.html  https://blogs.akamai.com/2015/01/dns-hijacking-dangers-and- defenses.html  https://blogs.akamai.com/2014/06/fresh-wave-of-online- extortion-attacks-underway.html  https://blogs.akamai.com/  https://blog.cloudflare.com/  http://mesmor.com/2012/03/18/akamai-pragma-debug- headers/

×