On 4/04/2010 11:32 a.m., Nerius Landys wrote:
So, when I run the 100 thread program against my max-80-clients server, and each of the 100 threads takes over one minute to send the complete HTTP request header, my Apache httpd server becomes unavailable to other incoming connections. In other words, it's a DoS attack originating from a single client host.
This is called 'slow loris' attack. That'll give you something to Google for :)
Cheers, Nicholas Sherlock --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|