Unicorn Cannon – The Beginning

cannon

Background:
I wanted a public web-server, and my primary goal is to keep it secure. I’ve always been hyper-paranoid about IT security, so making something “open” is a big deal for me.
Since I’m no expert in web-security or development, I often need to rely on premade products like wordpress. And I have no intention of reading ~550k lines of code. I have no idea how most of this code works, nor do I know how this may be exploited.

So, how can can you feel somewhat “safe”, when you got stuff like this on a day to day basis in the webserver access log?, this gives me the chill.

 

I was able to stop most injection-type attacks and botnet crawling scanners by using best practice, Mod-security and the OWASP Cheat Sheet Series, but I still faced one problem that this did not solve – Denial of Service.

 

Testing performance with known tools:
To get more knowledge about how denial of service against web-server works I decided to grab a few public tools and run them from a VM, and so far this seem to be some of the most popular tools.

LOIC – Low Orbit Ion Cannon  Virus Total – 43/54
HOIC – High Orbit Ion Cannon  Virus Total – 30/54
XOIC  Virus Total – 2/54
Hulk – HTTP Unbearable Load King  Virus Total – 0/54
Slowloris  Virus Total – 0/54
RUDY – r-u-dead-yet  Virus Total – 0/54
ARME – Apache httpd Remote Denial of Service (memory exhaustion)  Virus Total – 0/54
Torshammer  Virus Total – 0/54
(Read about them here: http://hackerzelite.blogspot.no/2014/01/top-10-ddos-and-dos-attacking-tools.html)

 

Next article will be about testing those tools.
https://0x41.no/denial-of-service/

Leave a Reply

Your email address will not be published. Required fields are marked *