You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Dirk-Willem van Gulik <di...@webweaving.org> on 2009/06/20 19:51:26 UTC
slowloris
Just noticed attached posting on debian security. This very much mimics
our initial approach at JRC in the mid 90's when we got hit by pretty
much the same attack at slowloris. Code referenced is at (link has an
extra dot):
http://synflood.at/tmp/anti-slowloris.diff
Back then this was pretty effective (except that we would set the
timeout on trigger of one).
Thanks,
Dw.