This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Projects/OWASP WS Amplification DoS Project/Roadmap"
(Created page with "PHASE 1: A - Setting up a tool that can detect this vulnerabilty - Finding a way to crawl the net looking for open webservices and test them with the above tool B - Looki...") |
|||
| Line 1: | Line 1: | ||
PHASE 1: | PHASE 1: | ||
| − | A - Setting up a tool that can detect this | + | A - Setting up a tool that can detect this vulnerability |
| − | + | * Finding a way to crawl the net looking for open webservices and test them with the above tool | |
B - Looking into the different WS implementations and finding out their default WS-Addressing behaviour | B - Looking into the different WS implementations and finding out their default WS-Addressing behaviour | ||
Revision as of 21:55, 21 May 2013
PHASE 1:
A - Setting up a tool that can detect this vulnerability
* Finding a way to crawl the net looking for open webservices and test them with the above tool
B - Looking into the different WS implementations and finding out their default WS-Addressing behaviour
* .NET, Axis, Axis2, CXF,...
PHASE 2:
A - Analyse the results and determine the global threat magnitude
* Average amplification factor, number of vulnerable open webservices,...
B - Determine what adjustments and countermeasures must be taken in order to mitigate the threat
* In the frameworks, external tool?,...
PHASE 3:
- Bundle all the results and possible countermeasures into a document/article to create awareness
