Yesterday an interesting HTTP DoS tool has been released. The tool performs a Denial of Service attack on Apache (and some other, see below) servers by exhausting available connections. While there are a lot of DoS tools available today, this one is particularly interesting because it holds the connection open while sending incomplete HTTP requests to the server.
This wasn’t ‘yesterday’ (which would be the 21st of June), but it has been released last week and is called Slowloris. There are several solutions being discussed, so you better keep up with the stream.
– Unomi –
Thanks Unomi. I’ll keep an eye on this.