Last blog post in this series described the analysis of the attack with the use of webshells. Such attacks showed how difficult it is to ensure the security of the entire infrastructure to defend against them. This part focuses on the evaluation of available tools and providing prevention and mitigation recommendations.
Everything changes, that’s obvious. The same rule applies to DDoS (Distributed Denial of Service) attacks. At the beginning, it was a simple flood which main purpose was to overwhelm destination machine’s resources or saturate the capacity of network link. Let me present how situation has changed over several last years.
Hopefully the previous blog post already highlighted that at any given moment in time machines around the world try to exploit numerous vulnerabilities. Different obfuscation tricks or stealth techniques are used to delivered payloads and provide crooks with initial foothold by installing webshells. Unfortunately, what makes life of defenders more difficult is that the same principle mentioned in previous post might be used in a subtler and targeted way by motivated attackers aiming to perform cyberespionage.
After not so positive experiences with security conferences this year I finally decided to visit the biggest of them. Here’s DEFCON 23 in several points:
B-Sides London Challenge was supposed to be a one time thing. However when the peepdf’s author creates a challenge it’s hard to say no to that! Don’t try to be like me and learn things the hard way. Trust me on this one and take my advice beforehand. Before you even consider reading this walkthrough update your tool! Otherwise you will spend a long time trying to solve it.