Not yet a member? No problem!
Sign-up just takes a second.
Forgot your password?
Recover it now.
Already signed up?
Log in now.
Forgot your password?
Recover it now.
Not yet a member? No problem!
Sign-up just takes a second.
Remember your password?
Log in now.
5 Comments
antsays...*geek
siftbotsays...Adding video to channels (Geek) - requested by ant.
JustSayingsays...Upvote despite the disappointing lack of cute primates.
Baristansays...Is it really that hard to detect 200 open sockets from the same IP addr?
Mordhaussays...No, and that is a method to combat Slow Loris. You can also raise the number of concurrent connections, decrease the timeout on connection response, setting up reverse proxies, and other methods in a similar fashion.
The problem is that you can also modify Slow Loris to work around those methods. The only certain way to block it is to use a webserver software that is not affected by Slow Loris, but then you can encounter other difficulties.
Like he said, for large companies that are prepared, Slow Loris is not nearly as effective. But for smaller web sites or for shoddily put together ones (a LOT of government sites), Slow Loris is a nasty DOS attack.
Is it really that hard to detect 200 open sockets from the same IP addr?
Discuss...
Enable JavaScript to submit a comment.