Wednesday, December 28, 2011

Java: how can a 1Gbit/s attack keep up to 100K i7 CPUs busy?

This is a hash table vulnerability found in many web application platforms, like PHP, ASP.NET, Ruby, and Java (but not only Java). In one of the cases, 1Gbit/s can keep up to 1 million CPUs busy!

Microsoft has already posted an advisory on this issue. The video has more information about other platforms.

The video below was published today and contains more details on the vulnerability. It is quite interesting, especially if you're into security.

And here you can find a blog post with more details on the talk:

http://cryptanalysis.eu/blog/2011/12/28/effective-dos-attacks-against-web-application-plattforms-hashdos/
Post a Comment