Sergey Shekyan, senior software engineer with Qualys, has published proof-of-concept code that takes a different spin on the slow HTTP denial-of-service (DoS) attack sim- ply by dragging out the process of reading the server’s response—and ultimately over- whelming it.
This researcher has added the so-called Slow Read attack to his open source slowhttptest tool. Slow Read basically sends a legitimate HTTP request, then slowly reads the response, thus keeping open as many connections as possible and eventually causing a DoS.
Denial of Service attacks are the single biggest threat from black-hats and other baddies against software-as-a-service providers. Read more here...
No comments:
Post a Comment