robot attack
play

Robot Attack! Repelling Bots, DDOS, and other Fiends Stanford - PowerPoint PPT Presentation

Oct 21, 2023 •99 likes •247 views

Robot Attack! Repelling Bots, DDOS, and other Fiends Stanford Drupal Camp 2015 MEET YOUR GUIDES Suzanne Aldrich Martijn Gonlag Senior Customer Success Engineer - Pantheon Technical Support Engineer - CloudFlare AGENDA Surveying Robots

  1. Robot Attack! Repelling Bots, DDOS, and other Fiends Stanford Drupal Camp 2015

  2. MEET YOUR GUIDES Suzanne Aldrich Martijn Gonlag Senior Customer Success Engineer - Pantheon Technical Support Engineer - CloudFlare

  3. AGENDA Surveying Robots Detecting Attacks Evading Spam Withstanding High Traffic Questions

  4. HISTORY OF THE ROBOT Internet bot: Drupal’s robots.txt Robot, WWW bot, bot, botnet, zombies ● https://api.drupal.org/api/drupal/robots. txt/7 Automated scanning of website ● User-agent: * resources at high rate Good bots: Web spiders Crawl-delay: 10 ● Googlebot Disallow: /includes/ ○ MSNBot/Bingbot ○ Disallow: /CHANGELOG.txt Baidu ○ Disallow: /cron.php Yandex ○ Disallow: /install.php Pingdom ○ Disallow: /update.php Disallow: /xmlrpc.php

  5. BAD BOTS Bad bots: Spambots - advertising links ● Email harvesters ● Downloaders & scrapers ● Referral & click fraud ● Rogue spiders ● MegaIndex: ○ Mozilla/5.0 (compatible; MegaIndex.ru/2.0; +https://www. megaindex.ru/?tab=linkAnalyze) Infectious agents ● Botnets & zombies ●

  6. DETECTING ATTACKS Id Date Severit Type Message 3161818 16/Jun 16:45 notice spambot Blocked registration: email=supplyweqz@gmail. com,ip=120.43.21.95 3161817 16/Jun 16:45 notice user Login attempt failed for JulianHut. 3161794 16/Jun 16:44 notice user Login attempt failed for Julianml.

  7. EVADING SPAM Common SPAM Defense Methods: Popular Drupal Modules: CAPTCHA/reCAPTCHA - https://www.drupal. CAPTCHA - Completely Automated Public ● org/project/captcha Turing test to tell Computers and https://www.drupal.org/project/recaptcha Humans Apart Timegate (Time Difference) ● Mollom - https://www.drupal.org/project/mollom Honeypot ● Honeypot - https://www.drupal.org/project/honeypot Content analysis ● Antispam - https://www.drupal.org/project/antispam Visitor reputation ● Spambot - https://www.drupal.org/project/spambot CloudFlare - https://www.drupal.org/project/cloudflare Spam prevention - https://groups.drupal.org/node/77093

  8. ANTI-SPAM STRATEGIC PITFALLS Problems with CAPTCHA: Problems with External APIs: Cookies prevent anonymous caching 3rd party dependency ● ● High traffic sites require edge cache Availability & rate limiting ○ ● Usability CAPTCHA fallback ● ● Inconvenient Cost of service ○ ● Barrier User Privacy ○ ● Accessibility ● Visual impairment ○

  9. WITHSTANDING HIGH TRAFFIC Poor performance + bots = downtime ● $ curl -Ik http://www.example. com/comment/reply/12345 Server and log monitoring ● Fix site errors in module code and theme ... ● templates X-Varnish: 3649165893 Anonymous page caching Age: 0 ● Views query and rendered results caching ● Via: 1.1 varnish Dedicated cacheserver - Redis ● Connection: keep-alive Disable comments/cookies/statistics ● Vary: Cookie, Cookie Setup CDN for serving assets ● Block IPs at firewall ● Withstand many Layer 7 attacks ●

  10. CLOUDFLARE SECURITY • Cloud-based SaaS • Reverse Proxy • Security • Performance • Optimization • CDN • DNS

  11. CLOUDFLARE DRUPAL WAF RULES D0000 - Block Large Requests to xmlrpc.php for Drupal CMS 10.223.224.238 - - [05/Feb/2015:23:34:47 +0000] "POST /xmlrpc. D0002 - Block requests with odd array arguments php HTTP/1.1" 404 5377 "-" "Mozilla/4.0 (compatible: MSIE 7.0; D0001 - Block Requests to xmlrpc.php for Drupal CMS Windows NT 6.0)" 0.251 "5.189.129.224, 108.162.254.28, 10.183.251.3" 10.223.224.238 - - [05/Feb/2015:23:34:47 +0000] "GET /feed/ URIs: HTTP/1.1" 200 6354 "http://example.com/feed/" "SimplePie/1.3.1 /xmlrpc.php -- most common (Feed Parser; http://simplepie.org; Allow like Gecko) /?q=node&destination=node Build/20140407093003" 0.201 "54.216.178.194, 141.101.98.27, 10.183.251.3" /blog/xmlrpc.php 10.223.193.24 - - [05/Feb/2015:23:34:47 +0000] "POST /xmlrpc. /user/login/ php HTTP/1.1" 404 5377 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" 0.233 "5.189.129.224, 108.162.254.28, HTTP Method: 10.183.251.3" POST -- most common GET

  12. CLOUDFLARE DRUPAL WAF TRIGGERS Frequency of WAF Triggers Over 30 Days Percentage of Triggers by WAF Rule

  13. CONNECT WITH US! https://twitter.com/SuzanneAldrich https://twitter.com/MartijnGonlag

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Robothlon Team competition, each team programs a robot for each event Events Robot

Robothlon Team competition, each team programs a robot for each event Events Robot

Robothlon Team competition, each team programs a robot for each event Events Robot rally - Race your robot round Robot retrieve - Fetch balls with the robot Robot rumble - Last robot moving in a ring Points

269 views • 5 slides
Rational Robot A Test Automation Tool What is Rational Robot? Rational Robot is a complete

Rational Robot A Test Automation Tool What is Rational Robot? Rational Robot is a complete

Rational Robot A Test Automation Tool What is Rational Robot? Rational Robot is a complete set of components for automating the testing of Microsoft Windows client/server and Internet applications. (Rational Robot user guide) Rational

741 views • 41 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
What is a robot? A robot is an intelligent system that interacts with the Robot Lecture 2:

What is a robot? A robot is an intelligent system that interacts with the Robot Lecture 2:

What is a robot? A robot is an intelligent system that interacts with the Robot Lecture 2: Robot Basics physical environment through sensors and sensors effectors effectors. CS 344R/393R: Robotics Environment Benjamin Kuipers

596 views • 6 slides
Out line Robot ics Percept ion Robot ics Planning Reading: R&N Sect .

Out line Robot ics Percept ion Robot ics Planning Reading: R&N Sect .

Out line Robot ics Percept ion Robot ics Planning Reading: R&N Sect . 25.1-25.4 J uly 26, 2005 CS 486/ 686 Univer sit y of Wat erloo 2 CS486/686 Lecture Slides (c) 2005 P. Poupart Robot s Robot s Mobile r obot s

247 views • 4 slides
Robot ics J uly 26, 2005 CS 486/ 686 Universit y of Wat erloo Out line Robot ics

Robot ics J uly 26, 2005 CS 486/ 686 Universit y of Wat erloo Out line Robot ics

Robot ics J uly 26, 2005 CS 486/ 686 Universit y of Wat erloo Out line Robot ics Percept ion Planning Reading: R&N Sect . 25.1-25.4 2 CS486/686 Lecture Slides (c) 2005 P. Poupart Robot s Manipulat ors

598 views • 22 slides
Robot sensors A robot can be defined as an intelligent link between perception and action

Robot sensors A robot can be defined as an intelligent link between perception and action

Robot sensors A robot can be defined as an intelligent link between perception and action Robot Action Perception Environment www.biorobotics.ttu.ee For a mobile robot Knowledge, Mission Data Base Commands Cognition Localization

551 views • 29 slides
? 1 1/31/2012 Every robot maps to a point in Every robot maps to a point in its configuration

? 1 1/31/2012 Every robot maps to a point in Every robot maps to a point in its configuration

1/31/2012 Idea: Reduce the Robot to a Point Configuration Space of an Configuration Space Articulated Robot Free space Two-Revolute-Joint Robot A configuration of a robot q 2 is a list of non-redundant parameters that fully q 2

279 views • 8 slides
What is a Robot? (3) What Can Robots Do? (1) Autonomous Underwater Vehicle Unmanned Aerial

What is a Robot? (3) What Can Robots Do? (1) Autonomous Underwater Vehicle Unmanned Aerial

3/16/2016 Robotics MSE 2400 1 2 What is a Robot? (1) What is a Robot? (2) Manipulator Legged Robot Wheeled Robot 3 4 What is a Robot? (3) What Can Robots Do? (1) Autonomous Underwater Vehicle Unmanned Aerial Vehicle Jobs that are

377 views • 6 slides
Robot behaviour and control A robot can be defined as an intelligent link between perception

Robot behaviour and control A robot can be defined as an intelligent link between perception

Robot behaviour and control A robot can be defined as an intelligent link between perception and action Robot Action Perception Environment www.biorobotics.ttu.ee For a mobile robot Knowledge, Mission Data Base Commands Cognition

553 views • 29 slides
Human-Robot Interaction CMSC 691 Spring 2016 2 u What is an interaction with a robot? u What is

Human-Robot Interaction CMSC 691 Spring 2016 2 u What is an interaction with a robot? u What is

2/9/16 Human-Robot Interaction CMSC 691 Spring 2016 2 u What is an interaction with a robot? u What is a robot? u What counts as interaction? u Robot(ic)s, for our purposes, is where computation meets the physical world Principles of u

364 views • 4 slides
Establishing a Korean Robot Ethics Charter 2007. 4. 14 Robot Division, Ministry of Commerce,

Establishing a Korean Robot Ethics Charter 2007. 4. 14 Robot Division, Ministry of Commerce,

Establishing a Korean Robot Ethics Charter 2007. 4. 14 Robot Division, Ministry of Commerce, Industry and Energy, KOREA H.B.Shim (shbs@mocie.go.kr) Outline Trends of the Robot Industry in Korea Trends of Robot-Developing Technologies in

125 views • 11 slides
Analysis and Control of Multi-Robot Systems Multi-Robot Localization Dr. Paolo Stegagno

Analysis and Control of Multi-Robot Systems Multi-Robot Localization Dr. Paolo Stegagno

Elective in Robotics 2011/2012 Analysis and Control of Multi-Robot Systems Multi-Robot Localization Dr. Paolo Stegagno Dipartimento di Ingegneria Informatica, Automatica e Gestionale 1 / 73 Introduction multi-robot localization :

759 views • 73 slides
ATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on

ATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on

ATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on Deep Neural Networks Yandong Li* 1 Lijun Li* 1 Liqiang Wang 1 Tong Zhang 2 Boqing Gong 3 *Equal Contribution 1 University of Central Florida 2 Hong

440 views • 11 slides
Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know.

Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know.

Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know. Current biological diagnostics are very effective at identifying agents, but theyre slow. We already have an infrastruc- ture in place to

233 views • 8 slides
Chaos: The Last Stand Against Our Robot Overlords Nathan schbacher @ gen_nja Freezing Robot

Chaos: The Last Stand Against Our Robot Overlords Nathan schbacher @ gen_nja Freezing Robot

Chaos: The Last Stand Against Our Robot Overlords Nathan schbacher @ gen_nja Freezing Robot Problem: Once the environment surpasses a certain level of dynamic complexity, the path planner decides that all forward paths are unsafe. 01101

616 views • 43 slides
Empirical study of the impact of Metasploit-related attacks in 4 years of attack traces E.

Empirical study of the impact of Metasploit-related attacks in 4 years of attack traces E.

Empirical study of the impact of Metasploit-related attacks in 4 years of attack traces E. Ramirez-Silva and M. Dacier Eurcom Institute - Sophia Antipolis, France ASIAN'07 December 11, 2007- Doha, Qatar Introduction Overview Introduction

584 views • 42 slides
Nomadic Honeypots A Novel Concept for Smartphone Honeypots Steffen Liebergeld , Matthias Lange and

Nomadic Honeypots A Novel Concept for Smartphone Honeypots Steffen Liebergeld , Matthias Lange and

Nomadic Honeypots A Novel Concept for Smartphone Honeypots Steffen Liebergeld , Matthias Lange and Collin Mulliner Security in Telecommunications Technische Universit at Berlin, Germany { steffen,mlange } @sec.t-labs.tu-berlin.de Northeastern

713 views • 11 slides
Io IoT Ho T Hone neyBot yBot Haris emi and Saa Mrdovi Cryptacus: Workshop and MC

Io IoT Ho T Hone neyBot yBot Haris emi and Saa Mrdovi Cryptacus: Workshop and MC

Io IoT Ho T Hone neyBot yBot Haris emi and Saa Mrdovi Cryptacus: Workshop and MC meeting Nijmegen, Netherlands, 2017 Honeypots Honeypots Emulation of a network resource Built to be discovered, attacked and compromised

497 views • 18 slides
Tedder Village www.tedderavenue.com.au ON THE AVENUE TEDDER VILLAGE WWW.TEDDERAVENUE.COM.AU

Tedder Village www.tedderavenue.com.au ON THE AVENUE TEDDER VILLAGE WWW.TEDDERAVENUE.COM.AU

Village Life Tedder Avenue Tedder Avenue Tedder Village www.tedderavenue.com.au ON THE AVENUE TEDDER VILLAGE WWW.TEDDERAVENUE.COM.AU Village Life TEDDER VILLAGE ON THE AVENUE WWW.TEDDERAVENUE.COM.AU ZONES 5 HOW IT WORKS 7 UNDER THE HOOD

321 views • 20 slides
E-mail trends in 2010: How do spammers get your address? Using distributed poisoned addresses to

E-mail trends in 2010: How do spammers get your address? Using distributed poisoned addresses to

Motivation How E-mail works Conventional Wisdom Previous Work Implementation Results Conclusion E-mail trends in 2010: How do spammers get your address? Using distributed poisoned addresses to track harvesting behavior Robert Marmorstein

447 views • 17 slides
Empirical Analysis and Statistical Modelling of Attack Processes based on Honeypots M. Kaniche

Empirical Analysis and Statistical Modelling of Attack Processes based on Honeypots M. Kaniche

Empirical Analysis and Statistical Modelling of Attack Processes based on Honeypots M. Kaniche 1 , E. Alata 1 , V.Nicomette 1 , Y. Deswarte 1 , M. Dacier 2 LAAS-CNRS 1 , Eurecom 2 Mohamed.Kaaniche@laas.fr ACI Scurit &

409 views • 17 slides
Preparing for the Unthinkable Cyber Security Chicago 2018 Agenda Introduction Security

Preparing for the Unthinkable Cyber Security Chicago 2018 Agenda Introduction Security

Preparing for the Unthinkable Cyber Security Chicago 2018 Agenda Introduction Security Landscape Meraki Security Demo Security Landscape The Growing Importance of Security MALWARE HAS RISEN BY MORE THAN 10X IN THE LAST YEAR 70% M ALW AR E

604 views • 35 slides
Targeted Attacks: Analysis and Investigation Building Trust in the Information Age Summer School

Targeted Attacks: Analysis and Investigation Building Trust in the Information Age Summer School

Targeted Attacks: Analysis and Investigation Building Trust in the Information Age Summer School on Computer Security & Privacy 16th of September 2014 Dr. Marco Balduzzi Course Outline Who am I and research in the industry Target

811 views • 56 slides

More recommend