From the course: Threat Modeling: Denial of Service and Elevation of Privilege

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

How attackers fill storage

How attackers fill storage

From the course: Threat Modeling: Denial of Service and Elevation of Privilege

Start my 1-month free trial

How attackers fill storage

- [Instructor] Storage includes not only hard drives and flashcards, but tapes and other exotic storage material. It's easy to fill up yourself. Just start recording high quality videos and wow. But there are ways to fill a disc you don't have direct access to. A very long time ago, our mail spool filled up with copies of a UNIX kernel. It turned out to be an angry spouse who later apologized for sending those as emails. She didn't realize we had a shared email infrastructure. Sites like Instagram store billions of photos, most of which are viewed by less than a handful of people, but Instagram knows they're doing that. What about filling up a file system? Making lots of connections can fill logs, but logs are small and they rotate. Much more useful is to exploit parsers that cause things to grow. Usually, these are intentional decompressors and the classic is to craft a zip file that says, we have a billion copies of this…

Contents