Defense by numbers: Making problems for script kiddies and scanner monkeys

DEF CON 21

Presented by: Chris John Riley
Date: Sunday August 04, 2013
Time: 10:00 - 10:45
Location: Track 4
Track: Track 4

On the surface most common browsers look the same, function the same, and deliver web content to the user in a relatively uniformed fashion. Under the shiny surface however, the way specific user agents handle traffic varies in a number of interesting and unique ways. This variation allows for defenders to play games with attackers and scripted attacks in a way that most normal users will never even see.

This talk will attempt to show that differences in how different user agents handle web server responses (specifically status codes) can be used to improve the defensive posture of modern web applications while causing headaches for the average script kiddy or scanner monkey!

Chris John Riley

Chris John Riley (@ChrisJohnRiley) is a senior penetration tester and part-time security researcher working in the Austrian financial sector. With over 15 years experience in various aspects of Information Technology, Chris now focuses full time on Information Security. Chris is one of the founders of the PTES (Penetration Testing Execution Standard), regular conference attendee and avid blogger (blog.c22.cc), as well as being a regular contributor to the Metasploit project and generally getting in trouble in some way or another. When not working to break one technology or another, Chris enjoys long walks in the woods, candle light dinners and talking far too much on the Eurotrash Security podcast.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats