Symmetric denial of service - FTP
Need
Mitigation of FTP symmetric denial of service attacks
Context
- Usage of C# 7.1 for developing modern and efficient applications
- Usage of Microsoft.AspNetCore.Mvc for building web applications with ASP.NET Core MVC
- Usage of System.Threading.Tasks for asynchronous programming in .NET
Description
Non compliant code
[HttpPost]
public async Task<IActionResult> ConfigureAndProgram(string selectedProtocol)
{
if (selectedProtocol == "SFTP")
{
// Long running process
await Task.Delay(10000); // Simulating long running process
}
return Ok();
}
The above code represents a POST endpoint in an ASP.NET Core application that accepts a string parameter selectedProtocol. If the selectedProtocol is "SFTP", it simulates a long-running process by delaying for 10 seconds.
This code is vulnerable to a Symmetric Denial of Service (DoS) attack. In a DoS attack, an attacker floods a system with traffic or data to overwhelm its resources and make it unavailable to users. In this case, if an attacker sends multiple requests to this endpoint with "SFTP" as the selectedProtocol, it would lead to a server crash because each request would take 10 seconds to process. This would eventually exhaust the server's resources, leading to a 504 Gateway Timeout error.
Steps
- Implement rate limiting or throttling mechanisms to limit the number of requests that can be made within a certain time frame.
- Optimize the long running process to reduce the processing time.
- Consider using asynchronous programming techniques to improve the performance of the code.
- Implement proper error handling and return appropriate HTTP status codes instead of a generic 'Ok' response.
- Consider using a different protocol or approach that does not cause a denial of service vulnerability.
Compliant code
[HttpPost]
[EnableThrottling(PerSecond = 5)] // Rate limiting
public async Task<IActionResult> ConfigureAndProgram(string selectedProtocol)
{
try
{
if (selectedProtocol == "SFTP")
{
// Long running process
// Optimized process
await Task.Run(() => LongRunningProcess()); // Simulating optimized long running process
}
return Ok();
}
catch (Exception ex)
{
// Proper error handling
return StatusCode(500, $"Internal server error: {ex}");
}
}
private void LongRunningProcess()
{
// Simulate optimized long running process
Thread.Sleep(5000);
}
The updated code includes several changes to address the denial of service vulnerability:
-
Rate Limiting: The
EnableThrottlingattribute is used to limit the number of requests that can be made per second. This prevents an attacker from overwhelming the server with multiple requests. -
Optimized Long Running Process: The long running process has been moved to a separate method and is now run on a separate thread using
Task.Run(). This allows the server to handle other requests while the long running process is executing. -
Asynchronous Programming: The long running process is now run asynchronously, which improves the performance of the code and allows the server to handle other requests while the long running process is executing.
-
Error Handling: Proper error handling has been added. If an exception is thrown during the execution of the method, a 500 (Internal Server Error) status code is returned along with a message detailing the error.
-
Protocol Selection: The code still allows for the selection of the SFTP protocol. However, with the other changes in place, the denial of service vulnerability should be mitigated. If the vulnerability persists, consider using a different protocol or approach.