October 14, 2010, 7:53 AM — Kaspersky's Dennis Fisher also points out a new tool from Microsoft designed to scan new application code and point out places that might become flaws to be exploited for DDOS or malware attacks.
The free SDK Regex Fuzzer scans application code to find places that use common expressions in a way that can be exploited to increase the impact of a Denial of Service attack. ReDos attacks concentrate on functions that could respond very slowly if the call that hits them includes requirements dramatically larger or less specific than they require.
A DOS attack whose impact becomes greater when it hits the victim's applications is more likely to succeed because fewer sources of the request are needed and the smaller number are less likely to be filtered out by firewalls and gateways.
ReDos attacks are particularly well suited for Cloud Computing-based applications, whose capacity may be much higher than most 'net-connected systems, but which are much more exposed to the 'net because they're designed with far more points of connectivity than most applications or operating systems.
(The post also has my favorite pointless aside of the week, from MSDN Mag writer Bryan Sullivan: "Here is where things get 'interesting' (as in horribly dangerous).")