Posts Tagged Denial of Service
Advanced, built-in security protection and remote auditing help your organization comply with industry security standards, including Payment Card Industry Data Security Standard (PCI DSS), HIPAA, Basel II, and SOX, in a cost-effective way—without requiring multiple appliances, application changes, or rewrites. BIG-IP ASM reports previously unknown threats, such as layer 7 denial-of-service (DoS) and SQL injection attacks, and it mitigates web application threats to shield the organization from data breaches. All reports are GUI-driven and provide drill-down options with a click.
With PCI reporting, BIG-IP ASM lists security measures required by PCI DSS 1.2, determines if compliance is being met, and details steps required to become compliant if not.
Geolocation reporting informs you of the country where threats originate in addition to attack type, violation, URL, IP address, severity, and more. You can also schedule reports to be sent to a designated email address automatically for up-to-date reporting.
Easy-to-read format for remote auditing
BIG-IP ASM makes security compliance easier and saves valuable IT time by exporting policies in human readable format. The flat, readable XML file format enables auditors to view the policies off site. Auditors working remotely can view, select, review, and test policies without requiring time and support from the web application security administrator.
Trojan horse email offers the promise of something you might be interested in—an attachment containing a joke, a photograph, or a patch for a software vulnerability. When opened, however, the attachment may do any or all of the following:
- create a security vulnerability on your computer
- open a secret “backdoor” to allow an attacker future illicit access to your computer
- install software that logs your keystrokes and sends the logs to an attacker, allowing the attacker to ferret out your passwords and other important information
- install software that monitors your online transactions and activities
- provide an attacker access to your files
- turn your computer into a “bot” an attacker can use to send spam, launch denial-of-service attacks, or spread the virus to other computers
What to Look For
Trojan horse emails have come in a variety of packages over the years. One of the most notorious was the “Love Bug” virus, attached to an email with the subject line “I Love You” and which asked the recipient to view the attached “love letter.” Other Trojan horse emails have included the following:
- email posing as virtual postcard
- email masquerading as security bulletin from a software vendor requesting the recipient apply an attached “patch”
- email with the subject line “funny” encouraging the recipient to view the attached “joke”
- email claiming to be from an antivirus vendor encouraging the recipient to install the attached “virus sweeper” free of charge
Attack surface: Canonicalization
Attack impact: Denial of service
Description: C14N can be an expensive operation, requiring complex processing (Boyer ‟01), including entity expansion and normalization of whitespace, namespace declarations, and coalescing of adjacent text and CDATA nodes. This requires building a DOM and performing memory- and processor-intensive operations.
Exploit scenario: Attacker replaces the SignedInfo or XML content identified by a Reference with a very large set of XML data containing many namespace declarations, redundant adjacent text nodes, etc., leading to a denial of service condition.
Mitigation: Limit the total size of XML submitted for canonicalization.
Applies to XML Encryption? No