zoukankan      html  css  js  c++  java
  • Web 服务器 low bandth DOS attack

    https://www.owasp.org/images/0/04/Roberto_Suggi_Liverani_OWASPNZDAY2010-Defending_against_application_DoS.pdf

     slowloris

    2015-11-12-1447326425-4837652-1397116836eq3os.jpg

    http://www.huffingtonpost.co.uk/-frontier/slow-loris_b_8541930.html

    • 蜂猴 懒猴
    • slow:    adj. 1.慢的,缓慢的 (opp. fast; qu ...
    • loris:    n. (pl. loris) 【动物;动物学】懒猴属;懒 ...

    消耗掉所有的线程。

    Change http headers to simulate multiple connections/browsers
    Exhaust all threads available

    HTTP POST DoS

    No delay in sending HTTP Headers (!= Slowloris)
    Content
    -
    Length = 1000 bytes
    HTTP message body is sent 1 byte each 110 seconds till the
    last byte
    Require a good number of threads per each machine
    <10k connections to bring down Apache
    ~60k connections for IIS (if rapid fail protection is on)

    HTTP Flooders/DDoS Attack

    Most common L7 attack
    Typically launched from botnets
    Black Energy botnet C&C interface
    Frequencies, thread and command option
     
     
     

    Apache

    Key Directives
    Maxclients, Timeout, KeepAlive and KeepAlive Timeout
    Traffic Shaping
    mod_throttle
    -
    limit the frequency of requests allowed from a
    single client within a window of time
    mod_bwshare
    -
    bandwidth throttling by HTTP client IP address
    mod_limitipconn
    -
    limit the number of simultaneous downloads
    permitted from a single IP address
    mod_dosevasive
    -
    detects too many connections and
    temporaribly block offending IP address
    mod_security

    WAF, filtering, monitoring, loggi

  • 相关阅读:
    枯燥的数据库“三级模式”
    SQL Server四个“系统数据库”作用的简介
    数据库的范式
    使用JMeter进行分布式性能测试
    使用JMeter测试你的EJB
    jmeter资源监控器开发——进入jmeter的源码世界
    如何解决使用JMeter时遇到的问题
    安装jmeter
    SMTP错误码/建议解决方法
    Jmeter接口测试 实例
  • 原文地址:https://www.cnblogs.com/lightsong/p/5793930.html
Copyright © 2011-2022 走看看