Description: This Tutorials shows, how you can easily take out an Apache Webserver with one HTTP POST Tool using a std. slow DSL Connection.
This is NO Slowloris Attack!
Limitations of HTTP GET DDOS attack:
- Does not work on IIS web servers or web
servers with timeout limits for HTTP headers.
- Easily defensible using popular load balancers,
such as F5 and Cisco, reverse proxies and
certain Apache modules, such as mod_antiloris.
- Anti-DDOS systems may use "delayed
binding"/"TCP Splicing" to defend against HTTP
GET attacks.
Why HTTP POST DDOS attack works
- This attack can evade Layer 4 detection
techniques as there is no malformed TCP, just
like Slowloris.
- Unlike Slowloris, there is no delay in sending
HTTP Header, hence nullifying IIS built-in
defense, making IIS vulnerable too.
- Size, character sets and time intervals can be
randomised to foil any recognition of Layer 7
traffic patterns by DDOS protection systems.
- Difficult to differentiate from legit connections
which are slow
Video link: http://www.youtube.com/watch?feature=player_embedded&v=lYQFF4Ki8_s
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information