Wednesday, June 17
New HTTP Flooding Tool - Apache Default Configuration
As application layer vulnerability research keeps driving forward, the guys over at ha.ckers.org keep blasting out lots of good stuff. This time its slowloris which is essentially an HTTP denial of service attack on certain types of web servers (very popular ones too!). At a high-level the attack creates a large number of partial HTTP connections very similar to TCP flood attacks of old, but of course at the application layer not the network layer.