This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Projects/OWASP WS Amplification DoS Project/Roadmap

From OWASP
Revision as of 21:54, 21 May 2013 by Samantha Groves (talk | contribs) (Created page with "PHASE 1: A - Setting up a tool that can detect this vulnerabilty - Finding a way to crawl the net looking for open webservices and test them with the above tool B - Looki...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

PHASE 1:

A - Setting up a tool that can detect this vulnerabilty 

 - Finding a way to crawl the net looking for open webservices and test them with the above tool

B - Looking into the different WS implementations and finding out their default WS-Addressing behaviour

* .NET, Axis, Axis2, CXF,...

PHASE 2:

A - Analyse the results and determine the global threat magnitude

* Average amplification factor, number of vulnerable open webservices,...

B - Determine what adjustments and countermeasures must be taken in order to mitigate the threat

* In the frameworks, external tool?,...

PHASE 3:

- Bundle all the results and possible countermeasures into a document/article to create awareness

Retrieved from "https://wiki.owasp.org/index.php?title=Projects/OWASP_WS_Amplification_DoS_Project/Roadmap&oldid=152003"