Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Unexpected Impacts of DDoS Attacks and How to Stop Them

2,618 views

Published on

With the launch of Cloudflare Rate Limiting, web security expert Troy Hunt, Microsoft Regional Director and Founder of HaveIBeenPwned.com, joins Cloudflare in this security webinar.
Webinar topics include evolving global DDoS attack trends, how Have I Been Pwned prevents excessive API requests using DDoS Protection and Rate Limiting, and a quick how-to on enabling Rate limiting in the Cloudflare dashboard.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Unexpected Impacts of DDoS Attacks and How to Stop Them

  1. 1. Unexpected Impacts of DDoS Attacks and How to Stop Them How one customer protects the world against hackers and saves money using Cloudflare’s Rate Limiting
  2. 2. Housekeeping ● Stay to the end to get presentation slides and recording ● Ask questions in the “Questions” chat box in ReadyTalk ● We’ll triage all questions during at the end of the presentation ● All attendees are muted
  3. 3. Today’s Agenda ● Stories from Customers: Unexpected Impacts of Denial of Service (5 min) ● Expert on breached passwords on how he uses Cloudflare (20 min) ● Q&A session (10 Min)
  4. 4. Presenters Troy Hunt Founder at HaveIBeenPwned.com troyhunt@hotmail.com Tim Fong Product Manager at Cloudflare Fongster@Cloudflare.com
  5. 5. The Impact of DDoS Attacks
  6. 6. Attacks hit closer to home Had over 6,000 companies interested in Early Access to Rate Limiting Personally spoke to 50+ customers of all sizes and all types of industries Biggest take away: an attack doesn’t need to make headlines to hurt
  7. 7. REGULATORY FINES
  8. 8. LOWER GOOGLE PAGERANK
  9. 9. DEGRADED BRAND PERCEPTION
  10. 10. CUSTOMER ACCIDENTAL DENIAL OF SERVICE
  11. 11. FEWER PIZZAS
  12. 12. Introduction to Troy Hunt Microsoft Regional Director and MVP Founder of HaveIBeenPwnd.com Troy Hunt Founder at HaveIBeenPwned.com troyhunt@hotmail.com
  13. 13. Unexpected Impacts of DDoS Attacks and How to Stop Them Troy Hunt @troyhunt
  14. 14. GET https://haveibeenpwned.com/api/v2/breachedaccount/{account}
  15. 15. { "Name":"Adobe", "Title":"Adobe", "Domain":"adobe.com", "BreachDate":"2013-10-04", "AddedDate":"2013-12-04T00:00Z", "PwnCount":152445165, "Description":"In October 2013, 153 million Adobe accounts...", "DataClasses":["Email addresses","Password hints","Passwords..."], "IsVerified":True, "IsSensitive":False, "IsRetired":False, "IsSpamList":False }
  16. 16. HTTP 429 – Too Many Requests
  17. 17. Controlling Malicious Traffic Layer defenses to create greater resiliency to malicious traffic Cache Caching of static assets is the easiest possible solution – serve as much as possible direct from Cloudflare
  18. 18. Controlling Malicious Traffic Layer defenses to create greater resiliency to malicious traffic Cache Firewall Caching of static assets is the easiest possible solution – serve as much as possible direct from Cloudflare Add firewall rules to block or challenge specific clients that exhibit malicious behavior
  19. 19. If traffic is malicious Call Cloudflare API Add JavaScript challenge for IP to firewall
  20. 20. Read 142,370 lines with 1,314 unique IP addresses First request: 09:30:00 Last request: 09:59:59 IP 35.165.142.216 found 89,031 times over 1,794 seconds (49/s) GET /api/v2/breaches/ : 88,966 requests
  21. 21. Controlling Malicious Traffic Layer defenses to create greater resiliency to malicious traffic Cache Firewall Rate Limit Caching of static assets is the easiest possible solution – serve as much as possible direct from Cloudflare Add firewall rules to block or challenge specific clients that exhibit malicious behavior Be more proactive with rate limiting and stop abusive traffic before it has an adverse impact
  22. 22. In Summary 1. Get traffic off the origin 1. Cache it (and get the perf gain too!) 2. Block it with firewall rules 2. Rate limiting takes this further 1. Allows the edge to make decisions on traffic 2. Protects discrete resources at higher risk… 3. …plus provides a safety blanket for the whole site Less traffic flowing to the origin means less overhead on the service Less overhead on the service means more ability to scale… …and less bottom line impact as fewer resources are required Cloudflare rate limiting allows decisions about traffic to be made upstream of the website
  23. 23. Thank you! Troy Hunt @troyhunt
  24. 24. Rate Limiting Overview Rate Limiting functionalities can enabled in the “Firewall” application of your Cloudflare dashboard.
  25. 25. Additional Rate Limiting Resources Cloudflare knowledge base articles on Rate Limiting: http://cfl.re/rate-limiting-kb Rate Limiting hands-on demos: https://www.cloudflare.com/rate-limiting/ Activate Rate Limiting: https://www.cloudflare.com/a/firewall/
  26. 26. Live Q&A Session Cloudflare Rate Limiting

×