Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Slow-read DOS

From: "HOGGATT, ANDY F." <hoggatta () OTC EDU>
Date: Tue, 17 Jan 2012 14:06:40 -0600
Greetings all,

We have been experiencing DOS issues today relating to the "slow http" method (see article below).  Has anyone else 
been experiencing these attacks or have any knowledge, or experience on defending against these?  They seem to be very 
sporadic.  The access logs have the following entry in the HTTP header :

"FAKEVERB / HTTP/1.1" 301 227 http://code.google.com/p/slowhttptest/

Feel free to email me directly, if you'd prefer.

http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/232301367/new-denial-of-service-attack-cripples-web-servers-by-reading-slowly.html

Thank you,

Andy Hoggatt
hoggatta () otc edu
Previous By Date Next
Previous By Thread Next

Current thread: