Slow read, a low resource DoS that targets webservers
https://community.qualys.com/blogs/securitylabs/2012/01/05/slow-read
The trick is to request a page and receive it with a small receiving window; it is a quite interesting article.
I think it is interesting to exchange the solutions found; right now I'm searching for how to mitigate it on the Cherokee webserver.
Comments
It's kinda interesting, but you would have to keep requesting (in the case of Apache) 150 pages every 300 seconds for as long as the DoS lasts?
Very interesting read (Sets up evil plan, mahaha)
In regard to that one, I want to share this one with you:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4885
http://www.ocert.org/advisories/ocert-2011-003.html
The first part of this is theory:
http://events.ccc.de/congress/2011/Fahrplan/attachments/2007_28C3_Effective_DoS_on_web_application_platforms.pdf
And an ooooold theoretical one:
http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003/index.html
I was about to open a thread about this =P
There is a PoC about this somewhere, and I tried it with an Apache server. I wasn't able to DoS it, but it swapped like stupid and got very slow. Maybe with a couple of extra machines I can crash it, or at least start to get 503 errors xD
In some way it seems that Nginx isn't vulnerable because it processes the parameters instead of PHP, or something like that. And well, as you can see, most of the programming languages that can be applied to web services are vulnerable :S
I'm pretty sure on nginx, you can set the read timeouts with client_body_timeout and client_header_timeout, and this shouldn't be a problem.
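As an added example (not a configuration posted in this thread, and not taken from the Qualys article), here is what an nginx hardening block for the two problems discussed above looks like. It covers the slow-read case from the opening post, where the client reads the response with a tiny receive window, so alongside the `client_header_timeout` and `client_body_timeout` mentioned in the comment above it also sets `send_timeout`, the directive that governs the response-sending side; and it bounds request size so a PHP (or other) backend behind nginx has fewer form parameters to hash in the CVE-2011-4885 collision scenario. All timeout and size values are illustrative assumptions to be tuned against real traffic, and the `perip` zone name and document root are placeholders.

```nginx
# Added example: nginx settings against slow-read / slow-send clients and
# oversized parameter floods. Values are assumptions, not measured tuning.

events {
    # Let each worker hold many connections so a few hundred stalled clients
    # do not exhaust capacity (assumption: one worker per CPU core).
    worker_connections 4096;
}

http {
    # Slow header / body senders (Slowloris-style) are dropped once a read
    # stalls for longer than these intervals (defaults are 60s).
    client_header_timeout 10s;
    client_body_timeout   10s;

    # Slow *readers*: the attack from the linked article accepts the response
    # through a tiny receive window. send_timeout applies between two
    # successive writes to the client, so a client that stops draining the
    # response is closed after 10s instead of the 60s default.
    send_timeout          10s;

    # Idle keep-alive connections should not tie up a worker for long.
    keepalive_timeout     15s;

    # Free the socket memory of timed-out connections immediately (RST)
    # rather than lingering in FIN_WAIT.
    reset_timedout_connection on;

    # Bound request size: fewer bytes means fewer form fields for the backend
    # to hash, which blunts the CVE-2011-4885 style CPU exhaustion.
    client_max_body_size        64k;
    large_client_header_buffers 4 8k;

    # Cap concurrent connections per source address so one host cannot hold
    # many slow connections open at once. "perip" is an assumed zone name.
    limit_conn_zone $binary_remote_addr zone=perip:10m;

    server {
        listen 80;
        root /var/www/html;      # placeholder document root

        limit_conn perip 20;     # assumed per-address cap; tune for NAT users
        limit_conn_status 429;

        location / {
            try_files $uri $uri/ =404;
        }
    }
}
```

The timeouts are the part that matters for slow read: the attacker's cost model relies on the server keeping a connection (and for Apache a worker) busy for the full default timeout, so shortening `send_timeout` shrinks the window each stalled connection buys. The size limits are a blunt but effective complement for the hash-collision issue, since the number of parameters an attacker can submit is bounded by the bytes you accept; a backend-level parameter cap, where the platform offers one, is the more precise control.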
http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003/index.html
This comes from my Alma Mater. Looks like they are doing good things over there. Of course, they are white as ghost, and they can't get out in the sun. They spend way too much time in the lab.
So, you are white as a ghost too? lol
cough Doesn't look so from their gravatar.