609 views

8:25

Watch
- Search Videos
  
  Advanced search »
- Submit a New Video
Discuss
About
- Try clicking on the various channels to see videos posted to that channel - if you're into music you can click the Music channel to get more music sifts - go on and explore! Use the "hotness" when you have opened the channel link to get videos that have gotten a lot of votes, or use "newness" to have a look at the new sifts.
  When browsing sifts you like, have a look at the Related Posts list to see other related videos, click the tags under the video title to see more sifts tagged with the same tags or have a look at other sifts from the same user in the More Posts By list. If the sifted video is in a play list, have a look at the play list to see other interesting videos the Sift users have linked together.
  Enter the Sift Lounge to chat with online sifters about anything and everything, or read interesting posts in the Sift Talk forum.
  The Top New Videos list is always full of interesting, current videos. It is always recommended that you have a look through the Top New Videos, but also have a look at these:
  - Upcoming Unsifted Videos - active video submissions that neither are published to the front page nor archived to the submitter's personal queue
- Have you seen a really funny, surprising, scary, interesting, cute or in any other way extra good quality video?
  Post and share it here - VideoSift is the best video aggregator on the Web, where we share, discuss, promote, and interact with the best videos out there on the web. Post it here, and share it with the large community of video-interested users. And - you are guaranteed to find more very good videos here already!
  Mind you, we only share videos you discover that someone else has made; if you "self link," by posting a video you have made, have posted or have interests in, you risk the ban hammer - read the posting guidelines before posting. The sift is NOT for promoting your own videos - it is for sharing videos others have made.
  Submit a Video Now »
Login

Slow Loris Attack - Computerphile

submitted by Mordhaus

7 years 6 months ago

Denial of service usually relies on a flood of data. Slow Loris takes a more elegant approach, and almost bores a server to death. Dr Mike Pound explains.

5 Comments

ant

says...

*geek

siftbot

says...

Adding video to channels (Geek) - requested by ant.

JustSaying

says...

Upvote despite the disappointing lack of cute primates.

Baristan says...

Is it really that hard to detect 200 open sockets from the same IP addr?

Mordhaus

says...

No, and that is a method to combat Slow Loris. You can also raise the number of concurrent connections, decrease the timeout on connection response, setting up reverse proxies, and other methods in a similar fashion.

The problem is that you can also modify Slow Loris to work around those methods. The only certain way to block it is to use a webserver software that is not affected by Slow Loris, but then you can encounter other difficulties.

Like he said, for large companies that are prepared, Slow Loris is not nearly as effective. But for smaller web sites or for shoddily put together ones (a LOT of government sites), Slow Loris is a nasty DOS attack.

Baristansaid:

Is it really that hard to detect 200 open sockets from the same IP addr?