» Slowloris HTTP DoS

[MaXe]

Hi there,


I stumbled over this and thought I'd share, quoted from the official site:

Quote:

In considering the ramifications of a slow denial of service attack against particular services, rather than flooding networks, a concept emerged that would allow a single machine to take down another machine's web server with minimal bandwidth and side effects on unrelated services and ports. The ideal situation for many denial of service attacks is where all other services remain intact but the webserver itself is completely inaccessible. Slowloris was born from this concept, and is therefore relatively very stealthy compared to most flooding tools.

You can read more about the tool at RSnake's Blog:
http://ha.ckers.org/blog/20090617/slowloris-http-dos
Or follow the external link below which is the main site of Slowloris.

External Links:
http://ha.ckers.org/slowloris/


All of the best,
MaXe

[Tsukasa]

Interesting Thanks for sharing

[HitThemLow]

Ew, WHile I thank you for sharing, I cant believe Rsnake posted a DoS tool, and one that requires 0 skill to pull off :\

THis is basicly letdown + naptha eh MaXe?

[MaXe]

No it's different HTL :-) If you read his blog-post you can see that he is abusing
forked webservers like the way Apache does it. This only crashes the HTTP
service while the other services on the machine will (or should) continue to
run without any effect.

That's what I think is evil yet cool about this. However there are ways of
protecting yourself against this of course, even though better architecture
and development of code should prevent this in the future.