
SlowLoris can take down your Domino server

Category apache domino web attack

If you have not heard about SlowLoris and other HTTP DoS tools, it's time to listen.

All versions of Apache server are vulnerable to this HTTP DoS attack.

It is very simple to experiment with: just a few commands to get the tool and test it against any web server.

For my first test, I attacked my web server, a simple apache2 server listening on the default port 80.

3 seconds later, the site became unavailable.

The only information I found against this is:
Mod_antiloris, which is a mod for Apache. --> This was not working for me, maybe a bad config.
A reverse proxy (not Apache-based, of course) in front of Apache. --> The only real solution for the moment, plus it can help to create a highly available service.
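
The reverse-proxy mitigation above, as an added example configuration that is not from the original post. It assumes nginx as the proxy (the post does not name one), a backend on 127.0.0.1:8080, the hostname www.example.com, and illustrative timeout and limit values that need tuning per site.

```nginx
# Added example: nginx as the reverse proxy in front of Apache or Domino.
# Assumed values (not from the post): backend address, hostname, timeouts, limits.

events {
    # Event-driven workers: a slow connection costs a socket here,
    # not a whole worker process or thread as it does on the backend.
    worker_connections 4096;
}

http {
    # Shared zone for counting concurrent connections per client address.
    limit_conn_zone $binary_remote_addr zone=per_ip:10m;

    upstream backend {
        server 127.0.0.1:8080;   # Apache or Domino HTTP, bound to loopback
        keepalive 16;            # reuse backend connections
    }

    server {
        listen 80;
        server_name www.example.com;

        # Close connections that do not deliver complete request headers in time.
        client_header_timeout 10s;
        # Maximum gap between two successive reads of the request body.
        client_body_timeout 10s;
        # Maximum gap between two successive writes of the response.
        send_timeout 10s;
        # Do not keep idle keep-alive connections open for long.
        keepalive_timeout 15s;
        # Reset timed-out connections so their memory is freed at once.
        reset_timedout_connection on;

        # Counts only connections whose request header was read in full, so it
        # limits slow-body and slow-read clients; slow headers are handled by
        # client_header_timeout above.
        limit_conn per_ip 20;

        location / {
            proxy_pass http://backend;
            proxy_http_version 1.1;          # needed for upstream keepalive
            proxy_set_header Connection "";
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            # Default, stated explicitly: the backend only sees a request
            # after nginx has received it completely.
            proxy_request_buffering on;
        }
    }
}
```

The backend should listen only on the loopback address (or be firewalled) so that clients cannot bypass the proxy and reach it directly.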

After installing the reverse proxy, I decided to test slowloris against my Domino server.
3 seconds later, the Domino web server became very slow to answer but continued to serve pages (very slowly).


So I can advise you to check your Apache and Domino servers and put a reverse proxy in front of them.
More info here: http://ha.ckers.org/blog/20090617/slowloris-http-dos/
