Page MenuHomePhabricator

Rate limit outbound requests in Macros
ClosedPublic

Authored by epriestley on Mar 26 2015, 1:55 PM.
Tags
None
Referenced Files
F14057858: D12168.diff
Sun, Nov 17, 7:22 AM
F13999626: D12168.diff
Thu, Oct 24, 4:04 PM
F13974804: D12168.diff
Oct 18 2024, 7:27 AM
Unknown Object (File)
Oct 13 2024, 10:36 PM
Unknown Object (File)
Oct 13 2024, 9:04 PM
Unknown Object (File)
Oct 12 2024, 11:56 PM
Unknown Object (File)
Oct 12 2024, 11:54 PM
Unknown Object (File)
Oct 12 2024, 11:53 PM
Subscribers

Details

Summary

Ref T6755. Although we do not return response bodies, it is possible to perform crude portscanning if you can execute a DNS rebinding attack (which, for now, remains theoretical).

Limit users to 60 requests / hour to make it less feasible. This would require ~30 years to portscan all ports on a /32 netblock.

Users who can guess that services may exist can confirm their existence more quickly than this, but if the attacker already had a very small set of candidate services it seems unlikely that portscanning would be of much use in executing the attack.

This protection should eventually be applied to T4190, too (that task also has other considerations).

Test Plan

Set rate limit very low, hit rate limit.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley retitled this revision from to Rate limit outbound requests in Macros.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
btrahan edited edge metadata.
This revision is now accepted and ready to land.Mar 26 2015, 6:09 PM
This revision was automatically updated to reflect the committed changes.