Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security: DoS potential using automation to generate spaces #83

Open
genecyber opened this issue Mar 13, 2017 · 1 comment
Open

Security: DoS potential using automation to generate spaces #83

genecyber opened this issue Mar 13, 2017 · 1 comment

Comments

@genecyber
Copy link

Issue: DoS / Theft of services potential

Reproduce:

  1. Signup for IDE account here: https://live.ether.camp/signup
  2. Repeat
  3. Exhaust Azure credit
    -- a. Optionally launch denial of service attack or password cracking process.

Mitigate

  1. Add Re-Captcha or other captcha requirement
  2. Require email verification before able to sign into ide.
@romanman
Copy link

@genecyber after some time the instance become inactive
so it is pretty significant ammount of energy ot keep them all
a live

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@genecyber @romanman