Hacking



  • Defcon 21 - Defense by numbers: Making Problems for Script Kiddies and Scanner Monkeys
    • Summary: Script kiddies use one of a few different known existing software applications that allow them to basically press a button to scan a server for vulnerabilities and then launch attacks. These software applications attempt to mimic existing web browsers (IE, Firefox, Chrome) when they send requests to web servers, and these browsers have certain quirks with how they handle uncommon HTTP response codes. Thus, if you are trying to defend your website against these kinds of low-sophistication script-kiddie attacks, you can use HTTP codes to cause problems with the attacking software to 1) dramatically increase the amount of time it takes for the software to find vulnerabilities (from minutes to 14+ hours), 2) reduce the number of vulnerabilities that end up being found, and 3) introduce false positives (fake vulnerabilities). The creators of these software applications coukd somewhat fix these current vulnerabilities by looking more closely at the responses they're getting from web servers, but 1) they don't feel any strong motivation to do it at the moment, and 2) this will cause some unavoidable slowdown in how the software works. He'd like to make it easy for web server admins to implement this kind of defense and so he'd like to get this defense included in an open-source project, but he doesn't have the skills necessary to do it, and so he asked if anyone in the audience would be interested.