Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do we crash systems, browsers, or otherwise bring things to a halt, and how do we protect those things? 

Current Page: 1 of 1
Results 1 - 3 of 3
4 years ago
lh6lejw7k8
Some log entries that show (after hiding the IP addresses) x.x.x.x - - [27/Oct/2009:17:58:21 +0800] "GET / HTTP/1.1" 400 0 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)" x.x.x.x - - [27/Oct/2009:17:58:22 +0800] "GET / HTTP/1.1" 400 0 &qu
Forum: DoS
4 years ago
lh6lejw7k8
Thanks for the pointer id. Tested it out, the nginx process takes in more connections with the max file descriptors raised, which means that the limitation is no longer with nginx. Nginx actually kicks out connections if the request is not completed within a time period (60 secs by default), regardless of whether headers are coming in slowly or not, so SlowLoris in itself is definitely useless
Forum: DoS
5 years ago
lh6lejw7k8
I've been testing slowloris against nginx to understand the slowloris attack more, and I need help to make sense of it. From the original thread comments http://ha.ckers.org/blog/20090617/slowloris-http-dos/ it seems that slowloris exhausts _some_ resource specific to the web server, and that for Apache it is max clients. In my tests against nginx (on a debian machine http://blog.rayfoo.info
Forum: DoS
Current Page: 1 of 1