HTTP DoS-attack tool on Apache web server

slowlorisRobert Hansen, a guru in the field of security, has released a new tool for DoS-attacks, exposing serious Web server’s vulnerabilities including Apache and other servers.

Hansen called his tool Slowloris , the most interesting in this utility that it can cause a DoS attack without using a huge amount of traffic as we usually find in other DoS tools.

According to Hansen typically 1000 machine are required to crash down a web server by bombarding the site with traffic but for Slowloris is not the case because it takes up all the available connection for the server by sending unlimited http requests without closing those connections and this makes Apache waiting for the response too long. Apache web servers do have a limit for number of threads which can be used to deplete the memory and cause defacement.

This vulnerability concerns Apache 1.x, Apache 2.x, dhttpd, GoAhead WebServer, and Squid, but still not subject to IIS6,IIS7 and lighttpd because these systems deal with the number of open connections.
This tool is available for free on http://ha.ckers.org/slowloris/ but it is important to note that the attack will not work against the large Web sites with load balancing mechanisms :-) so just try it locally and it should be used just for the educational purposes.

Share