ModSecurity Advanced Topic of the Week: Mitigating Slow HTTP DoS Attacks
With the recent OWASP AppSec DC presentation on Slow HTTP POST DoS attacks, the issue of web server platform DoS concerns have reached a new high. Notice that I said, web server platform and not web application code. The attack scenario raised by slow HTTP POST attack is related to web server software (Apache, IIS, SunONE, etc...) and can not be directly mitigated by the application code. In the blog post, we will highlight the two main varieties of slow HTTP attacks - slow request headers and slow request bodies. We will then provide some new mitigation options for the Apache web server platform with ModSecurity.
More Info: http://blog.spiderlabs.com
Volut-ID | World News Articles
All news of interest and can provide an info for you, and so can assist in the search for new news.
About news gadgets, mobile phones
info about the latest mobile phone, from news, features, and the most mobile phone models in search of the world.
No response to “Mitigating Slow HTTP DoS Attacks”
Leave a reply