httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nikhil kohli <ce.kohli.nik...@gmail.com>
Subject slowloris DoS attack-How to check time taken by server for reading a request
Date Tue, 01 Sep 2009 09:58:23 GMT
Hello Everyone,

This is regarding the slowloris issue. I'm trying to mitigate this issue
using iptables by restricting the no. of connection to a certain limit. Also
i see the new experimental module mod_noloris.c having similar approach to
mitigate slowloris attack. I have few questions regarding this  approach.
1. Can we mitigate the issue using iptables only?
2. Even mod_noloris.c is vulnerable to slowloris attack, will there be a
change in approach for solving this in future?
3. Is there a way to delay the process of creating connection until whole
header is received?
4. How to check time taken by server for reading the request?
Also, may i know if apache team acknowledge slowloris as issue or not?
Thanks in advance.
Thanks and Regards,
Nikhil Kohli

Mime
View raw message