Slowloris is the name of a perl-based HTTP client that can
be used as a denial of service against Apache-based HTTP servers.
Slowloris tries to keep many connections to the target web
server open and hold them open as long as possible.
It accomplishes this by opening connections to the target
web server and sending a partial request. Periodically, it will send subsequent
HTTP headers, adding to—but never completing—the request. Affected servers will
keep these connections open, filling their maximum concurrent connection pool,
eventually denying additional connection attempts from clients.
Reference:- http://en.wikipedia.org/wiki/Slowloris
Reference:- http://en.wikipedia.org/wiki/Slowloris
How to mitigate Slowloris Attack. :- http://www.funtoo.org/Slowloris_DOS_Mitigation_Guide
No comments:
Post a Comment