Transcript of Owasp Universal
-
7/25/2019 Owasp Universal
1/19
Universal HTTP Denial-of-Service
-
About Hybrid
Creating web-business-logic security
Doing cool stuff in AI research
Optimizing the acceptance rate for Web-bound transactions
Minimizing the false rejects typical of signature-based solutions
-
-
How Would You Like Your Website?
Slow or DEAD?
Slowloris abuses the handling of HTTP request headers, ssslooowly.
Written by RSnake.
Iteratively injects one custom header at a time and goes to sleep.
The web server vainly awaits the blank line (the empty CRLF that ends the header block) that will never come.
Stuck in phase I (header parsing) forever. Kinda like Tron.
R-U-Dead-Yet? abuses HTTP web form fields.
Iteratively injects one custom byte into a web application POST field and goes to sleep.
Application threads become zombies awaiting the end of POSTs that never arrives; meanwhile death lurks upon the website.
Stuck in phase II (body reading) forever. Kinda like the Tron sequels.
-
Slowloris
According to HTTP RFC 2616:
Request = Request-Line
          *(( general-header
           | request-header
           | entity-header ) CRLF)
          CRLF
          [ message-body ]
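The two attacks on the previous slides map onto the two phases of this grammar: Slowloris never sends the empty CRLF that closes the header block, R-U-Dead-Yet closes the headers but never delivers the Content-Length bytes it announced. The following is an added example, not code from the presentation or from either tool: a minimal model of a server consuming a request, fed one chunk per "tick" the way the attackers trickle bytes between sleeps. The host name, header names and the 1,000,000-byte Content-Length are constructed for the demonstration.

```python
# Added example, not from the slides: a tiny model of how an HTTP/1.1 server
# consumes a request (RFC 2616 section 5 grammar), used to show why a
# Slowloris or R-U-Dead-Yet client keeps a worker busy for as long as it
# trickles bytes. Host name, header names and sizes are constructed.

CRLF = b"\r\n"


def request_state(buf: bytes) -> str:
    """Classify a partially received request.

    Returns 'headers' (phase I: the blank CRLF line ending the header block has
    not arrived), 'body' (phase II: headers complete but fewer than
    Content-Length body bytes received) or 'complete'.
    """
    end = buf.find(CRLF + CRLF)
    if end == -1:
        return "headers"
    head, body = buf[:end], buf[end + 4:]
    content_length = 0
    for line in head.split(CRLF)[1:]:          # skip the Request-Line
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"content-length":
            content_length = int(value.strip() or b"0")
    return "body" if len(body) < content_length else "complete"


def simulate(chunks, ticks):
    """Feed one chunk per tick (the attacker sleeps between chunks) and return
    the request state observed after each tick."""
    buf = b""
    states = []
    for i in range(ticks):
        if i < len(chunks):
            buf += chunks[i]
        states.append(request_state(buf))
    return states


def busy_ticks(states):
    """Ticks during which the worker is still parked on this connection."""
    return sum(1 for s in states if s != "complete")


def slowloris_chunks(n_headers):
    """Constructed Slowloris stream: a valid Request-Line and Host header, then
    one bogus header per tick; the terminating blank line is never sent."""
    first = b"GET / HTTP/1.1" + CRLF + b"Host: target.example" + CRLF
    return [first] + [b"X-a: %d" % i + CRLF for i in range(n_headers)]


def rudy_chunks(n_bytes):
    """Constructed R-U-Dead-Yet stream: complete headers announcing a large form
    body, then 'username=' followed by one 'A' per tick."""
    first = (b"POST /login HTTP/1.1" + CRLF
             + b"Host: target.example" + CRLF
             + b"Content-Type: application/x-www-form-urlencoded" + CRLF
             + b"Content-Length: 1000000" + CRLF + CRLF
             + b"username=")
    return [first] + [b"A"] * n_bytes


def normal_chunks():
    """A well-behaved client sends the whole request at once."""
    return [b"GET / HTTP/1.1" + CRLF + b"Host: target.example" + CRLF + CRLF]


if __name__ == "__main__":
    for name, chunks in (("normal", normal_chunks()),
                         ("slowloris", slowloris_chunks(10)),
                         ("rudy", rudy_chunks(10))):
        states = simulate(chunks, 12)
        print(f"{name:10s} busy {busy_ticks(states):2d}/12 ticks, "
              f"final state: {states[-1]}")
```

The normal client is done after its first tick; both attack streams hold the worker for every tick, and the Slowloris stream never leaves 'headers' while the R-U-Dead-Yet stream never leaves 'body'. Multiply by the server's worker limit and that is the whole attack: no bandwidth, just patience.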
-
Slowloris
GET http:
-
Slowloris
DEMO
-
Slowloris Mitigation
-
Patching Apache
Use the Apache patch to moderate the average timeout thresholds (link at the end of the presentation).
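Apache 2.2.15 and later ship the same idea as a standard module, mod_reqtimeout, which bounds how long a client may take to deliver the header block and the body and can require a minimum data rate. The configuration below is an added example, not from the slides or from the patch the presentation links to; the timeout values are illustrative and should be tuned against the site's legitimate slow clients.

```apache
# Added example (mod_reqtimeout, Apache >= 2.2.15); values are illustrative.
<IfModule reqtimeout_module>
    # header: allow 20 s to receive the request line and headers; extend by
    #         1 s per 500 bytes received, but never beyond 40 s in total.
    #         A Slowloris client sending one short header every few seconds
    #         cannot keep the header phase open past that ceiling.
    # body:   allow 20 s for the body; extend by 1 s per 500 bytes received,
    #         so a one-byte-at-a-time R-U-Dead-Yet POST hits 408 quickly while
    #         a genuine large upload at a sane rate keeps earning time.
    RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
</IfModule>
```

A connection that exceeds either limit is answered with 408 Request Timeout and closed, which is also the signal the ModSecurity rules later in the presentation count.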
-
According to SpiderLabs:
ModSecurity 2.5.13: add the directive: SecReadStateLimit 5
The ModSecurity alert looks like this:
[Mon Nov 22 <time> 2010] [warn] ModSecurity: Access denied with code 400. Too many connections [6] of 5 allowed in READ state from <client IP> - Possible DoS Consumption Attack [Rejected]
-
R-U-D-Y
POST http://...
User-Agent: Mozilla
Cookie: __utmz=...
username=AAAAAAAAAAAAAAAAAAAAAAAAA...
Vulnerability discovered by Tom Brennan and Wong Onn Chee:
http:
-
R-U-D-Y
DEMO
-
Waging War Upon SCADA
-
Waging War Upon SCADA
Stuxnet operated from within Iran's nuclear facilities to tamper with uranium-enrichment centrifuges.
R-U-D-Y integrated with SHODAN's API could allow automatic location and disruption of Web-facing SCADA controllers from any anonymous location on Earth.
-
R-U-D-Y Mitigation
Add the directive (mod_reqtimeout):
RequestReadTimeout body=30
Add the rules (ModSecurity):
SecRule RESPONSE_STATUS "@streq 408" "phase:5,t:none,nolog,pass,setvar:ip.slow_dos_counter=+1,expirevar:ip.slow_dos_counter=60"
SecRule IP:SLOW_DOS_COUNTER "@gt 5" "phase:1,t:none,log,drop,msg:'Client Connection Dropped due to high # of slow DoS alerts'"
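The two rules above work as a pair: the first runs in the logging phase and increments a per-IP counter every time the server answered a request with 408, letting the counter expire 60 seconds after its last increment; the second runs at the start of every new request and drops the connection once the counter exceeds 5. The following is an added example, not code from the presentation or from ModSecurity: the same counting logic reimplemented so it can be replayed over a constructed stream of events. The IP addresses and timestamps are made up; the 60-second window and the threshold of 5 mirror the expirevar and "@gt 5" settings.

```python
# Added example, not from the slides or from ModSecurity itself: the counting
# logic of the two SecRules above, reimplemented so it can be replayed over a
# constructed event stream. Window and threshold mirror
# expirevar:ip.slow_dos_counter=60 and "@gt 5"; IPs and timestamps are made up.

WINDOW_SECONDS = 60
THRESHOLD = 5


class SlowDosTracker:
    def __init__(self, window=WINDOW_SECONDS, threshold=THRESHOLD):
        self.window = window
        self.threshold = threshold
        self.counter = {}   # ip -> (count, expiry timestamp)

    def _current(self, ip, now):
        """Counter value for ip, treating an expired entry as zero."""
        count, expiry = self.counter.get(ip, (0, 0))
        return 0 if now >= expiry else count

    def on_response(self, ip, status, now):
        """Phase 5 rule: a 408 means the server gave up waiting on this
        client; bump its counter and re-arm the expiry (expirevar semantics)."""
        if status != 408:
            return
        self.counter[ip] = (self._current(ip, now) + 1, now + self.window)

    def on_request(self, ip, now):
        """Phase 1 rule: drop the new connection once more than THRESHOLD
        timeouts were seen inside the window, otherwise pass."""
        return "drop" if self._current(ip, now) > self.threshold else "pass"


def replay(events, tracker=None):
    """events: ('resp', ip, status, t) or ('req', ip, t); returns the phase 1
    decision for every request event as (ip, t, decision)."""
    tracker = tracker or SlowDosTracker()
    decisions = []
    for ev in events:
        if ev[0] == "resp":
            tracker.on_response(ev[1], ev[2], ev[3])
        else:
            decisions.append((ev[1], ev[2], tracker.on_request(ev[1], ev[2])))
    return decisions


# Constructed sample: 10.0.0.9 times out six times in six seconds,
# 10.0.0.2 only once.
SAMPLE_EVENTS = (
    [("resp", "10.0.0.9", 408, t) for t in range(6)]
    + [("req", "10.0.0.9", 6),          # sixth timeout exceeds "@gt 5" -> drop
       ("resp", "10.0.0.2", 408, 3),
       ("req", "10.0.0.2", 7),          # one timeout -> pass
       ("req", "10.0.0.9", 70)]         # counter expired at 5+60=65 -> pass
)


def run_sample():
    return replay(SAMPLE_EVENTS)


if __name__ == "__main__":
    for ip, t, decision in run_sample():
        print(f"t={t:3d} {ip:10s} {decision}")
```

Two properties of the rule pair are worth checking in any deployment of it: the counter only grows on 408, so the mod_reqtimeout directive (or the Apache patch) is a prerequisite, not an alternative, and the threshold is exceeded on the sixth timeout, not the fifth, because the operator is "@gt 5". Many clients behind one NAT share an IP, so a short expiry window matters as much as the threshold.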
-
Other (potential) Attack Vectors
Complex structures such as: SOAP, JSON, REST
Encapsulated protocols such as: SIP, Java binary streams
-
-
Slowloris: http:
-
raviv@hybridsec.com
Thank You