AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Mod organizer slow2/26/2023 ![]() ![]() If the attacker keeps every HTTP request open and feeds the server bogus data before the timeout is reached, the HTTP connection will remain open until the attacker closes it. In a slow HTTP POST attack, the attacker declares a large amount of data to be sent in an HTTP POST request and then sends it very slowly.Ī malicious user can open many connections to the server by initiating HTTP requests but not closing them. A variation of this vulnerability is the slow HTTP POST vulnerability. It takes advantage of a vulnerability in thread-based web servers, which wait for entire HTTP headers to be received before releasing the open connection. A slow HTTP Denial of Service attack (DoS), otherwise referred to as the Slowloris HTTP attack, makes use of HTTP GET requests to occupy all available HTTP connections permitted by a web server. ![]()
0 Comments
Read More
Leave a Reply. |