WhiteHat Security Founder & CTO Jeremiah Grossman recently provided a neat infographic outlining the top vulnerability methods for websites, which for us shows a lot of room to grow in DDoS protection. We wanted to share it with you as it illustrates just how far we have to go in securing the web.

What’s amazing to me is that 29% of websites are likely vulnerable to brute force! Open source firewalls like iptables are able to stop this using modules like conntrack, recent, and hashlimit. Most brute force attacks can be stopped without deep packet inspection. Incidentally, a basic level of DDoS protection can also be provided using these modules. After all, DDoS attacks are a type of brute force attack. The best part: the tools are free! You just need the hardware. With advancements in CPUs and network stacks, you can easily achieve millions of packets per second in iptables.
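One way the three modules named above fit together, as an added example that is not from the original post: a script that prints an iptables-restore ruleset guarding a single TCP port. The port (22), the thresholds, the chain name BRUTE and the list name brute are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Prints an iptables-restore
# ruleset; it does not touch the running firewall.
# All values below are constructed defaults; tune them for your service.
PORT=22          # guarded TCP port (assumed: SSH)
WINDOW=60        # penalty-box look-back, in seconds
HITS=10          # attempts within WINDOW that trigger the penalty box
RATE=6/minute    # sustained new connections allowed per source
BURST=3          # token-bucket burst per source

# xt_recent remembers at most ip_pkt_list_tot timestamps per address
# (module default 20); a larger --hitcount is rejected when the rule loads.
check_hits() {
    [ "$1" -ge 1 ] 2>/dev/null && [ "$1" -le 20 ]
}

emit_rules() {
    port="$1"; window="$2"; hits="$3"; rate="$4"; burst="$5"
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:BRUTE - [0:0]
# conntrack: packets of already-accepted flows skip the limiter entirely
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
# only connection attempts (state NEW) to the guarded port are counted
-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j BRUTE
# recent: a source with >= $hits attempts in ${window}s is dropped, and
# --update refreshes its timestamp so it stays blocked until it goes quiet
-A BRUTE -m recent --name brute --update --seconds $window --hitcount $hits -j DROP
# record this attempt (no target, so evaluation continues)
-A BRUTE -m recent --name brute --set
# hashlimit: per-source token bucket for everything that is left
-A BRUTE -m hashlimit --hashlimit-name brute --hashlimit-mode srcip --hashlimit-upto $rate --hashlimit-burst $burst -j ACCEPT
-A BRUTE -j DROP
COMMIT
EOF
}

if check_hits "$HITS"; then
    emit_rules "$PORT" "$WINDOW" "$HITS" "$RATE" "$BURST"
else
    echo "HITS must be between 1 and 20 (xt_recent ip_pkt_list_tot)" >&2
fi
```

Pipe the output to `iptables-restore --test` as root to validate it without committing; loading it for real replaces the existing filter table unless `--noflush` is given.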
Insufficient transport security at 70% and information leakage at 56% are not at all surprising. This is a great infographic for all website administrators. Take this and keep it pinned to your desktop. You can see the full report by visiting the WhiteHat Security website. Thanks, Jeremiah, for the great resource.