Page MenuHomePhabricator

Rate limit outbound requests in Macros
ClosedPublic

Authored by epriestley on Mar 26 2015, 1:55 PM.
Tags
None
Referenced Files
F12835879: D12168.diff
Thu, Mar 28, 3:28 PM
F12809614: D12168.id29242.diff
Wed, Mar 27, 9:39 PM
Unknown Object (File)
Fri, Mar 15, 1:13 AM
Unknown Object (File)
Feb 14 2024, 11:35 AM
Unknown Object (File)
Feb 5 2024, 8:58 AM
Unknown Object (File)
Feb 3 2024, 2:42 AM
Unknown Object (File)
Jan 16 2024, 11:12 PM
Unknown Object (File)
Jan 13 2024, 10:48 PM
Subscribers

Details

Summary

Ref T6755. Although we do not return response bodies, it is possible to perform crude portscanning if you can execute a DNS rebinding attack (which, for now, remains theoretical).

Limit users to 60 requests / hour to make it less feasible. This would require ~30 years to portscan all ports on a /32 netblock.

Users who can guess that services may exist can confirm their existence more quickly than this, but if the attacker already had a very small set of candidate services it seems unlikely that portscanning would be of much use in executing the attack.

This protection should eventually be applied to T4190, too (that task also has other considerations).

Test Plan

Set rate limit very low, hit rate limit.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley retitled this revision from to Rate limit outbound requests in Macros.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
btrahan edited edge metadata.
This revision is now accepted and ready to land.Mar 26 2015, 6:09 PM
This revision was automatically updated to reflect the committed changes.