![{
"Name":"Adobe",
"Title":"Adobe",
"Domain":"adobe.com",
"BreachDate":"2013-10-04",
"AddedDate":"2013-12-04T00:00Z",
"PwnCount":152445165,
"Description":"In October 2013, 153 million Adobe
accounts...",
"DataClasses":["Email addresses","Password
hints","Passwords..."],
"IsVerified":True,
"IsSensitive":False,
"IsRetired":False,
"IsSpamList":False
}](https://image.slidesharecdn.com/ratelimiting-customerwebinar-170413225402/85/Unexpected-Impacts-of-DDoS-Attacks-and-How-to-Stop-Them-16-320.jpg)
Unexpected Impacts of DDoS Attacks and How to Stop Them
- 1. Unexpected Impacts of DDoS Attacks and How to Stop Them How one customer protects the world against hackers and saves money using Cloudflare’s Rate Limiting
- 2. Housekeeping ● Stay to the end to get presentation slides and recording ● Ask questions in the “Questions” chat box in ReadyTalk ● We’ll triage all questions during at the end of the presentation ● All attendees are muted
- 3. Today’s Agenda ● Stories from Customers: Unexpected Impacts of Denial of Service (5 min) ● Expert on breached passwords on how he uses Cloudflare (20 min) ● Q&A session (10 Min)
- 4. Presenters Troy Hunt Founder at HaveIBeenPwned.com troyhunt@hotmail.com Tim Fong Product Manager at Cloudflare Fongster@Cloudflare.com
- 5. The Impact of DDoS Attacks
- 6. Attacks hit closer to home Had over 6,000 companies interested in Early Access to Rate Limiting Personally spoke to 50+ customers of all sizes and all types of industries Biggest take away: an attack doesn’t need to make headlines to hurt
- 11. FEWER PIZZAS
- 12. Introduction to Troy Hunt Microsoft Regional Director and MVP Founder of HaveIBeenPwnd.com Troy Hunt Founder at HaveIBeenPwned.com troyhunt@hotmail.com
- 13. Unexpected Impacts of DDoS Attacks and How to Stop Them Troy Hunt @troyhunt
- 16. { "Name":"Adobe", "Title":"Adobe", "Domain":"adobe.com", "BreachDate":"2013-10-04", "AddedDate":"2013-12-04T00:00Z", "PwnCount":152445165, "Description":"In October 2013, 153 million Adobe accounts...", "DataClasses":["Email addresses","Password hints","Passwords..."], "IsVerified":True, "IsSensitive":False, "IsRetired":False, "IsSpamList":False }
- 18. HTTP 429 – Too Many Requests
- 23. Controlling Malicious Traffic Layer defenses to create greater resiliency to malicious traffic Cache Caching of static assets is the easiest possible solution – serve as much as possible direct from Cloudflare
- 25. Controlling Malicious Traffic Layer defenses to create greater resiliency to malicious traffic Cache Firewall Caching of static assets is the easiest possible solution – serve as much as possible direct from Cloudflare Add firewall rules to block or challenge specific clients that exhibit malicious behavior
- 26. If traffic is malicious Call Cloudflare API Add JavaScript challenge for IP to firewall
- 28. Read 142,370 lines with 1,314 unique IP addresses First request: 09:30:00 Last request: 09:59:59 IP 35.165.142.216 found 89,031 times over 1,794 seconds (49/s) GET /api/v2/breaches/ : 88,966 requests
- 29. Controlling Malicious Traffic Layer defenses to create greater resiliency to malicious traffic Cache Firewall Rate Limit Caching of static assets is the easiest possible solution – serve as much as possible direct from Cloudflare Add firewall rules to block or challenge specific clients that exhibit malicious behavior Be more proactive with rate limiting and stop abusive traffic before it has an adverse impact
- 33. In Summary 1. Get traffic off the origin 1. Cache it (and get the perf gain too!) 2. Block it with firewall rules 2. Rate limiting takes this further 1. Allows the edge to make decisions on traffic 2. Protects discrete resources at higher risk… 3. …plus provides a safety blanket for the whole site Less traffic flowing to the origin means less overhead on the service Less overhead on the service means more ability to scale… …and less bottom line impact as fewer resources are required Cloudflare rate limiting allows decisions about traffic to be made upstream of the website
- 35. Rate Limiting Overview Rate Limiting functionalities can enabled in the “Firewall” application of your Cloudflare dashboard.
- 36. Additional Rate Limiting Resources Cloudflare knowledge base articles on Rate Limiting: http://cfl.re/rate-limiting-kb Rate Limiting hands-on demos: https://www.cloudflare.com/rate-limiting/ Activate Rate Limiting: https://www.cloudflare.com/a/firewall/
- 37. Live Q&A Session Cloudflare Rate Limiting