Slow loris HTTP attack

Slowloris is the name of a perl-based HTTP client that can be used as a denial of service against Apache-based HTTP servers.

Slowloris tries to keep many connections to the target web server open and hold them open as long as possible.

It accomplishes this by opening connections to the target web server and sending a partial request. Periodically, it will send subsequent HTTP headers, adding to—but never completing—the request. Affected servers will keep these connections open, filling their maximum concurrent connection pool, eventually denying additional connection attempts from clients.

Reference:- http://en.wikipedia.org/wiki/Slowloris

How to mitigate Slowloris Attack. :- http://www.funtoo.org/Slowloris_DOS_Mitigation_Guide

What tools are available to assess the security of a web application?

There's a large number of apps that can be used in web application assessments. One thing to consider is what kind of tool you're looking for.
Some of them are better used alongside a manual test, where others are more designed for non-security specialist IT staff as more "black box" scanning tools.

On top of that there's a huge range of scripts and point tools that can be used to assess specific areas of web application security.

• Accunetix
• Burp suite
• SQLMap
• IBM AppScan
• HP WebInspect
• Paros Proxy
• Fiddler
• OWASP WebScarab
• JSQL

How to protect and harden a database server.

When reviewing database security, it's crucial to concentrate on two areas: how well the system has been hardened, and how the data and database access is controlled. Most hackers target the data held in a database. Therefore the server, where the database resides, needs to be hardened and protected, both physically and logically. Ideally, the database will be on its own dedicated machine, but it should never reside on a public-facing server, such as a Web server. Naturally, all system and database program patches should be installed, and unnecessary features should be removed or disabled. Most database programs have several default accounts and passwords, all of which need to be changed.

After assessing the Web Server's security, check the database connections, access controls and the table access controls, because any weaknesses will negate the hardening measures performed on the server. 

• Any applications that connect to the database should use an encrypted link, even if the database resides in a controlled network.
• Applications and users that connect to the database should only have the minimum privileges required to complete their tasks, and access to system level resources should be controlled with access control lists (ACL). 
• It is also important to check that different database connections are used for application administration and normal user activities.
• Data should only be accessible through stored procedures as they provide another layer of data access control.
• If information security policies require data to be encrypted, then the database connection must not allow clear text access to the data. 
• Also, encrypted data should not store the encryption key on the database server.

Another security layer of a more sophisticated nature includes real-time Database Activity Monitoring, either by analyzing protocol traffic (SQL) over the network, or by observing local database activity on each server using software agents, or both. Use of agents or native logging is required to capture activities executed on the database server, which typically include the activities of the database administrator. Agents allow this information to be captured in a fashion that cannot be disabled by the database administrator, who has the ability to disable or modify native audit logs.