Non-standard Users
Explore the challenges non-standard users pose to distributed systems, including session handling issues caused by misconfigured proxies and malicious requests. Understand how HTTP's stateless nature and cookies affect system stability, and learn strategies to identify and mitigate risks from abnormal user behavior to keep your system resilient.
Problem users
We would all sleep more easily if the only users we had to worry about were the ones who use our system as intended. Most users do, but some will try to hack it, and others will break it, whether accidentally or deliberately. It’s important to be ready for these problem users as well!
Badly configured proxy servers
For example, I’ve seen badly configured proxy servers start requesting a user’s last URL over and over again. I was able to identify the user’s session by its cookie and then trace the session back to the registered customer. Logs showed that the user was legitimate. For some reason, fifteen minutes after the user’s last request, the request started reappearing in the logs. At first, these requests were coming in every thirty seconds. They kept accelerating, though. Ten minutes later, we were getting four or five requests every second. These requests had the user’s identifying cookie but not his session cookie. So each request was creating a new session. It strongly resembled a DDoS attack, except that it came from one particular proxy server in one location.
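The pattern in this story has a recognisable signature in the access log: the same identifying cookie, no session cookie (so every request creates a fresh session), from one client address, at an accelerating rate. The following detector is an added example, not code from the original text; it scans constructed log lines (the log format, the cookie names `uid` and `JSESSIONID`, and the thresholds are all assumptions) and reports sources whose session-creation rate exceeds a limit, so an operator can rate-limit them or stop handing them new sessions.

```python
import re
from collections import defaultdict

# Assumed log format: "<epoch seconds> <client ip> <method> <path> cookies=<k=v;k=v>"
LINE_RE = re.compile(r"^(?P<ts>\d+) (?P<ip>\S+) \S+ (?P<path>\S+) cookies=(?P<cookies>\S*)$")
SESSION_COOKIE = "JSESSIONID"   # assumed name of the per-session cookie
IDENTITY_COOKIE = "uid"         # assumed name of the long-lived identifying cookie

# Constructed sample: one legitimate user, then a proxy replaying a deep link with the
# identity cookie but no session cookie, first every 30 s, later 4-5 times per second.
PROXY_TIMES = [1900, 1930, 1960, 1990, 2500, 2500, 2501, 2501, 2501, 2502, 2502, 2502, 2502]
LOG_LINES = [
    "1000 198.51.100.9 GET /catalog/item/7 cookies=uid=u555;JSESSIONID=s1",
    "1000 203.0.113.7 GET /catalog/item/42 cookies=uid=u123;JSESSIONID=s2",
] + [f"{t} 203.0.113.7 GET /catalog/item/42 cookies=uid=u123" for t in PROXY_TIMES]

def parse_line(line):
    m = LINE_RE.match(line)
    if not m:
        return None
    cookies = dict(c.split("=", 1) for c in m["cookies"].split(";") if "=" in c)
    return {"ts": int(m["ts"]), "ip": m["ip"], "path": m["path"], "cookies": cookies}

def session_creations(lines):
    """Requests that will create a new session (identity cookie present, session
    cookie absent), grouped by (client ip, identity) -> sorted timestamps."""
    creations = defaultdict(list)
    for line in lines:
        req = parse_line(line)
        if req is None:
            continue
        c = req["cookies"]
        if IDENTITY_COOKIE in c and SESSION_COOKIE not in c:
            creations[(req["ip"], c[IDENTITY_COOKIE])].append(req["ts"])
    return {key: sorted(ts) for key, ts in creations.items()}

def peak_rate(timestamps, window):
    """Highest number of events per second seen in any sliding window of `window` s."""
    best, start = 0, 0
    for end, t in enumerate(timestamps):
        while t - timestamps[start] >= window:
            start += 1
        best = max(best, end - start + 1)
    return best / window

def find_session_storms(lines, window=10, max_rate=0.5):
    """Sources creating sessions faster than max_rate/s (assumed thresholds)."""
    rates = {key: peak_rate(ts, window) for key, ts in session_creations(lines).items()}
    return {key: rate for key, rate in rates.items() if rate > max_rate}
```

The legitimate user carries a session cookie on every request and never appears in the result; the proxy is reported once its replay accelerates, while its earlier once-per-30-seconds phase stays under the threshold.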
Once again, we see that sessions are the Achilles’ heel of web applications. Want to bring down nearly any dynamic web application? Pick a deep link from the site and start ...