Nmap Development mailing list archives

Re: [NSE] http-slowloris, check if a webserver is prone to the Slowloris DoS attack


From: Toni Ruottu <toni.ruottu () iki fi>
Date: Thu, 14 Apr 2011 19:31:06 +0300

Also, you mention some todo items in the comments. Are these still
relevant? Do you just want some light testing and feedback before
final polish, or is this still more like an early prototype?

You are saying that performing the attack takes a long time. The Slowloris
site links to a video where Sam Bowne demonstrates the attack in front of
a live audience, and it takes seconds rather than days. Is the nmap
script different, or is it a server-side thing?

I am just asking these additional questions, so we could look at this
more efficiently while you are away. Have a good time abroad.

On Thu, Apr 14, 2011 at 7:08 PM, Gutek <ange.gutek () gmail com> wrote:

On 14/04/2011 17:41, Toni Ruottu wrote:
Also, I wonder if the script should use verbose output instead of
debugging output.

On Sun, Apr 10, 2011 at 5:44 PM, Toni Ruottu <toni.ruottu () iki fi> wrote:
I would change the output to something like

 | http-slowloris:
 |   Vulnerable
 |   The DoS attack took +3m40s
 |   with 32 concurrent connections
 |_  and 66 sent queries

Thanks Toni for your suggestions. Unfortunately I'll be abroad for a
week, but I will apply those remarks asap. Any other ideas during this
week are also welcome.

Thanks again and regards,

A.G.


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

