This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Projects/OWASP WS Amplification DoS Project/Roadmap"

From OWASP
Jump to: navigation, search
(Created page with "PHASE 1: A - Setting up a tool that can detect this vulnerabilty - Finding a way to crawl the net looking for open webservices and test them with the above tool B - Looki...")
 
 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
PHASE 1:
+
'''PHASE 1:'''
 +
*'''A''' - Setting up a tool that can detect this vulnerability
 +
**Finding a way to crawl the net looking for open webservices and test them with the above tool
 +
*'''B''' - Looking into the different WS implementations and finding out their default WS-Addressing behaviour
 +
** .NET, Axis, Axis2, CXF,...
  
A - Setting up a tool that can detect this vulnerabilty
 
  
  - Finding a way to crawl the net looking for open webservices and test them with the above tool
+
'''PHASE 2:'''
 +
*'''A''' - Analyse the results and determine the global threat magnitude
 +
** Average amplification factor, number of vulnerable open webservices,...
 +
*'''B''' - Determine what adjustments and countermeasures must be taken in order to mitigate the threat
 +
**In the frameworks, external tool?,...
  
B - Looking into the different WS implementations and finding out their default WS-Addressing behaviour
 
  
* .NET, Axis, Axis2, CXF,...
+
'''PHASE 3:'''
 
+
*Bundle all the results and possible countermeasures into a document/article to create awareness
PHASE 2:
 
 
 
A - Analyse the results and determine the global threat magnitude
 
 
 
* Average amplification factor, number of vulnerable open webservices,...
 
 
 
B - Determine what adjustments and countermeasures must be taken in order to mitigate the threat
 
 
 
* In the frameworks, external tool?,...
 
 
 
PHASE 3:
 
 
 
- Bundle all the results and possible countermeasures into a document/article to create awareness
 

Latest revision as of 15:08, 23 May 2013

PHASE 1:

  • A - Setting up a tool that can detect this vulnerability
    • Finding a way to crawl the net looking for open webservices and test them with the above tool
  • B - Looking into the different WS implementations and finding out their default WS-Addressing behaviour
    • .NET, Axis, Axis2, CXF,...


PHASE 2:

  • A - Analyse the results and determine the global threat magnitude
    • Average amplification factor, number of vulnerable open webservices,...
  • B - Determine what adjustments and countermeasures must be taken in order to mitigate the threat
    • In the frameworks, external tool?,...


PHASE 3:

  • Bundle all the results and possible countermeasures into a document/article to create awareness
Retrieved from "https://wiki.owasp.org/index.php?title=Projects/OWASP_WS_Amplification_DoS_Project/Roadmap&oldid=152152"