Notes On Security

Unmaintained blog of Sergey Shekyan

▼

Saturday, March 16, 2013

To Watch or Be Watched: Turning Your Surveillance Camera Against You

Last year I was lucky enough to attend the Hack In The Box security conference in Amsterdam. Dhillon and the rest of organizers put a great...

Sunday, January 6, 2013

Follow The RFC!

About 40 minutes before our WebSocket presentation at BayThreat I decided to do the final dry run. The slide with stacktrace of crashed des...

Wednesday, January 25, 2012

How I Knocked Down 30 Servers from One Laptop

Cross-posted from Qualys Security Labs. Following the release of the slowhttptest tool with Slow Read DoS attack support , I helped sever...

Thursday, January 5, 2012

Are You Ready For Slow Reading?

Cross-posted from Qualys Security Labs. Imagine a line at a fast food restaurant that serves two types of burgers, and a customer at the ca...

Wednesday, November 2, 2011

How to Protect Against Slow HTTP Attacks

Cross-posted from Qualys Security Labs. Slow HTTP attacks are denial-of-service (DoS) attacks in which the attacker sends HTTP requests in...

Monday, September 19, 2011

Testing Web Servers for Slow HTTP Attacks

Cross-posted from Qualys Security Labs. Following the release of the slowhttptest tool , I ran benchmark tests of some popular Web server...

Thursday, August 25, 2011

New Open-Source Tool for Slow HTTP DoS Attack Vulnerabilities

Cross-posted from Qualys Security Labs. Slow HTTP attacks are denial-of-service (DoS) attacks that rely on the fact that the HTTP protoco...

View web version

About Me

Sergey Shekyan

View my complete profile

Powered by Blogger.