Security Basics mailing list archives
Re: how do you protect yourself from an attack from layer 7
From: michael getachew <michaelhoustong () yahoo com>
Date: Tue, 14 Dec 2010 14:57:22 -0800 (PST)
Don't know if you guys know this already, but have you heard of slowloris? I've successfully tested it on many Apache servers and have my own port in C which does not choke when you specify a bit more than 10,000 connections. It's completely at layer 7, it basically opens hundreds (if not thousands) of sockets to a server (mostly Apache) and sends an initial request for a random page (whether it exists or not), and after a certain amount of time (which you specify) it keeps sending data, which in effect keeps that many httpd processes alive on the server and hence causes a DoS. Anyone that can write code can make their own variant of this exploit. I think Apache has a module that will help stop similar attacks, but I don't see many people use it. And even the latest releases are vulnerable unless you install that module (IIS, nginx, etc. seem to be unaffected).

--- On Tue, 12/14/10, Aaron Sigmon <asigmon.cpcc () gmail com> wrote:

From: Aaron Sigmon <asigmon.cpcc () gmail com>
Subject: Re: how do you protect yourself from an attack from layer 7
To: security-basics () securityfocus com, enquiries () globalart4u com
Date: Tuesday, December 14, 2010, 4:01 PM

If you have the money to spend, I would recommend using a Next Generation Firewall. Palo Alto makes a good product. www.paloaltonetworks.com

If you are looking for something open source, I would try a web application firewall like ModSecurity. You can download it at www.modsecurity.org

On Tue, Dec 14, 2010 at 3:08 AM, Enquiries @ Globalart 4u <enquiries () globalart4u com> wrote:

Dear All

Have been reading that it is possible to have a denial of service attack via layer 7 - what's best to protect one's server from any of the layers being attacked? Or is that not possible?

Thank you
Tallat

www.promomat.biz - original gifts - sherlock holmes compendium
www.promostamper.co.uk - self inking rubber stamps for all your business and crafting needs
www.yuckyslugsandsnails.co.uk - got slugs and snail infestations see our solutions
if you have any not listed pls advise and we will add them
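An added example, not part of the original message or thread: a small model of why a per-read idle timeout keeps serving a connection that trickles header data, while a total deadline on reading the request headers (the kind of limit Apache's mod_reqtimeout provides) releases the worker. The connection records, addresses and the 300 s / 20 s limits are constructed assumptions, and the timer model is simplified.

```python
from collections import Counter
from dataclasses import dataclass

INF = float("inf")

@dataclass
class Conn:
    client: str     # source address (constructed, documentation ranges)
    reads: list     # seconds after accept at which header bytes arrived
    complete: bool  # True if the last read finished the request headers

def release_time(conn, now, idle_limit, header_deadline=INF):
    """Time the server stops waiting for headers; None = still waiting at `now`."""
    last = 0.0
    seen = [t for t in conn.reads if t <= now]
    for t in seen:
        cutoff = min(last + idle_limit, header_deadline)
        if t > cutoff:   # data arrived after a limit expired: dropped at cutoff
            return cutoff
        last = t         # each read restarts the idle timer, never the deadline
    if conn.complete and len(seen) == len(conn.reads):
        return last      # headers finished, the request proceeds normally
    cutoff = min(last + idle_limit, header_deadline)
    return cutoff if now > cutoff else None

def held_workers(conns, now, idle_limit, header_deadline=INF):
    """Connections per client still occupying a worker while waiting for headers."""
    return Counter(c.client for c in conns
                   if release_time(c, now, idle_limit, header_deadline) is None)

# Constructed sample: five connections from one client that send a few header
# bytes every 10 s and never finish, plus two ordinary clients.
SAMPLE = (
    [Conn("198.51.100.7", list(range(1, 300, 10)), False) for _ in range(5)]
    + [Conn("192.0.2.10", [0.2], True),
       Conn("192.0.2.11", [2, 8, 15], True)]
)

if __name__ == "__main__":
    print("idle timeout only :", dict(held_workers(SAMPLE, 120, idle_limit=300)))
    print("plus 20s deadline :", dict(held_workers(SAMPLE, 120, 300, header_deadline=20)))
```

The slow-but-legitimate client that finishes its headers at 15 s is unaffected by the 20 s deadline, which is the trade-off to tune when choosing the limit.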