Trends in Web Attacks
•Download as PPT, PDF•
0 likes•824 views
Talk on "Trends in Web Attacks" by Arthur Clune. See http://www.ukoln.ac.uk/web-focus/events/workshops/webmaster-2007/talks/clune/
Report
Share
![Trends in Web Attacks Arthur Clune [email_address]](https://cdn.statically.io/img/image.slidesharecdn.com/trends-in-web-attacks393/85/Trends-in-Web-Attacks-1-320.jpg)
Trends in Web Attacks
- 1. Trends in Web Attacks Arthur Clune [email_address]
- 2. Talk Overview History of (web) attacks DDOS attacks and economics Botnets Phishing Why do we care about this anyway?
- 3. A Taxonomy Defacement Resource stealing Denial of Service/DDOS
- 4. History
- 5. Prehistory Before the web ftp (anonymous ftp uploads) gopher backdoors
- 6. Why? Curiosity Status ‘Fame’ Disk space was expensive!
- 7. Morris Worm 1988 Not web based! First self spreading worm
- 8. Early Web Individual attacks Mainly motivated as before
- 9. Trinoo/Stachledract 1999 First large scale DDOS tool University of York was among the victims!
- 10. Code Red/Nimbda 2001 Caused extensive problems (network traffic/instability) First really big worm
- 11. SQLSlammer 2003 Attacked Microsoft SQL Server Fastest spreading worm ever How many of your web sites rely on a database?
- 12. Misc Stuff Also at this time: MS Frontpage extensions Edit your webpage remotely…oh, but so can other people.
- 13. Digression Zone-h defacement archive demo
- 14. Witty Worm 2003 First worm aimed directly at a web server MS IIS Followed by Sasser
- 15. Moving to webapps First php worm - 2004 Attacked phpBB It’s now most common to attack applications not webservers themselves
- 16. Pure web worms 2006 MySpace worm Spread only within MySpace profiles A ‘Web 2.0’ worm?
- 17. Distributed Denial of Service ‘Nice website you’ve got there. Shame if anything happened to it’
- 18. DDOS - Why bother? It’s not about the frame Sometimes it’s about Money
- 19. DDOS II How it works Targets Gambling Porn Anyone with money
- 20. Botnets 0wning the internet for fun and profit
- 21. Botnets Botnets are sets of machines, all controlled by a ‘bot herder’ Often machines are infected when visiting a website Largest botnet found so far had > 1,000,000 machines in it
- 22. Botnet example Demo of botnet from UK Honeynet data
- 23. Phishing There’s one born every minute
- 24. Phishing Different types: 401 scams Bank scams Some of these are very realistic Banks don’t always help themselves
- 25. Phishing 2 Example of a phishing attack from UK Honeynet data
- 26. Am I bovered? Or, why this affects web managers
- 27. How have things changed? Attacks often less personal, but bigger DDOS attacks can be too big to resist Web servers valuable as a way of spreading exploit code It’s not about fame anymore, but money
- 28. How does this affect you? Reputational loss Potential for damages if you can’t show due care Copyright violations on your servers DDOS attacks against you
- 29. What can we do? Follow best practice Occams razor - don’t multiply servers! Code audit/review/pen-testing Network design (DMZs, firewalls etc)
- 30. Questions?