You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Dirk-Willem van Gulik <di...@webweaving.org> on 2009/06/20 19:51:26 UTC

slowloris

Just noticed attached posting on debian security. This very much mimics 
our initial approach at JRC in the mid 90's when we got hit by pretty 
much the same attack at slowloris. Code referenced is at (link has an 
extra dot):

     http://synflood.at/tmp/anti-slowloris.diff

Back then this was pretty effective (except that we would set the 
timeout on trigger of one).

Thanks,

Dw.