Page MenuHomePhabricator

Rate limit outbound requests in Macros
ClosedPublic

Authored by epriestley on Mar 26 2015, 1:55 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Nov 28, 9:22 AM
Unknown Object (File)
Wed, Nov 27, 2:27 PM
Unknown Object (File)
Nov 21 2024, 2:37 AM
Unknown Object (File)
Nov 20 2024, 4:41 AM
Unknown Object (File)
Nov 17 2024, 7:22 AM
Unknown Object (File)
Oct 24 2024, 4:04 PM
Unknown Object (File)
Oct 18 2024, 7:27 AM
Unknown Object (File)
Oct 13 2024, 10:36 PM
Subscribers

Details

Summary

Ref T6755. Although we do not return response bodies, it is possible to perform crude portscanning if you can execute a DNS rebinding attack (which, for now, remains theoretical).

Limit users to 60 requests / hour to make it less feasible. This would require ~30 years to portscan all ports on a /32 netblock.

Users who can guess that services may exist can confirm their existence more quickly than this, but if the attacker already had a very small set of candidate services it seems unlikely that portscanning would be of much use in executing the attack.

This protection should eventually be applied to T4190, too (that task also has other considerations).

Test Plan

Set rate limit very low, hit rate limit.

Diff Detail

Repository
rP Phabricator
Branch
newfromfiledownload
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 4987
Build 5005: [Placeholder Plan] Wait for 30 Seconds

Event Timeline

epriestley retitled this revision from to Rate limit outbound requests in Macros.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
btrahan edited edge metadata.
This revision is now accepted and ready to land.Mar 26 2015, 6:09 PM
This revision was automatically updated to reflect the committed changes.