SlideShare a Scribd company logo

Security problems - Ddos Slowloris HTTP Dos

Gichan Lee
Gichan Lee

This document discusses the Slowloris HTTP denial of service (DoS) attack. Slowloris works by opening many connections to a target web server and holding them open as long as possible to overload the server's resources. It differs from a traditional DDoS attack by gradually increasing open sessions with minimal bandwidth until the server runs out of resources and denies service to other clients. The document explains how Slowloris works at a technical level by sending incomplete acknowledgement signals to servers to keep connections open indefinitely.

Software
1 of 9
Download to read offline
Slowloris HTTP Dos Gichan_Lee_Alex
Slowloris • “Slowloris is a piece of software written by Robert "RSnake" Hansen which allows a single machine to take down another machine's web server with minimal bandwidth”(Wiki) • Slowloris tries to keep many connections to the target web server open and hold them open as long as possible.
Features • This is based on HTTP get Flooding • Attacking PC is only one face-to-face • It has a very normal session • It does not leave the log until the attack ends. • Target is located in the architecture itself of the server, therefore it’s difficult to defense originally.
Are you dead yet?
RUDY(R-U-Dead-Yet?) • RUDY is translated into 
 “아직 죽지 않았니?” in Korean. it means that dying slowly.
 Slowloris is a subset of RUDY that is kind of DDoS. • RUDY is different from general DDoS attack. The biggest difference is a attacking way. • Slowloris has a method that gradually increasing the session established, and then gradually undermine those target server resources instead of sending a large traffic the server can’t endure. when sessions the server had become full, the server will die
Principle OPENED OPENED OPENED OPENED OPENED OPENED OPENED Denial of Service other clients
Client Server SYN SYN-ACK Connection established Incomplete ACK The ACK signal to server have to be ended with ‘0d0a0d0a’ BUT Slowloris sends only first ‘0d0a-’. therefore the server will wait the remainder ‘-0d0a’ with established connection
Environment Target Server : 172.17.22.178 Slowloris.pl
DEMO

Recommended

Snapshots In Red Hat Storage Server Overview & Quickstart
Snapshots In Red Hat Storage Server Overview & QuickstartSnapshots In Red Hat Storage Server Overview & Quickstart
Snapshots In Red Hat Storage Server Overview & Quickstart
Red_Hat_Storage
 
DDoS Attack
DDoS AttackDDoS Attack
DDoS Attack
Gopi Krishnan S
 
DDoS ATTACKS
DDoS ATTACKSDDoS ATTACKS
DDoS ATTACKS
Anil Antony
 
DDos Attacks and Web Threats: How to Protect Your Site & Information
DDos Attacks and Web Threats: How to Protect Your Site & InformationDDos Attacks and Web Threats: How to Protect Your Site & Information
DDos Attacks and Web Threats: How to Protect Your Site & Information
jenkoon
 
Denial of service
Denial of serviceDenial of service
Denial of service
SaritaTripathy4
 
The Principles of Modern Attacks Analysis for Penetration Tester
The Principles of Modern Attacks Analysis for Penetration TesterThe Principles of Modern Attacks Analysis for Penetration Tester
The Principles of Modern Attacks Analysis for Penetration Tester
CSCJournals
 
D dos attack
D dos attackD dos attack
D dos attack
HarshitParkar6677
 
Session for InfoSecGirls - New age threat management vol 1
Session for InfoSecGirls - New age threat management vol 1Session for InfoSecGirls - New age threat management vol 1
Session for InfoSecGirls - New age threat management vol 1
InfoSec Girls
 

Recommended

Snapshots In Red Hat Storage Server Overview & Quickstart
Snapshots In Red Hat Storage Server Overview & QuickstartSnapshots In Red Hat Storage Server Overview & Quickstart
Snapshots In Red Hat Storage Server Overview & Quickstart
Red_Hat_Storage
 
DDoS Attack
DDoS AttackDDoS Attack
DDoS Attack
Gopi Krishnan S
 
DDoS ATTACKS
DDoS ATTACKSDDoS ATTACKS
DDoS ATTACKS
Anil Antony
 
DDos Attacks and Web Threats: How to Protect Your Site & Information
DDos Attacks and Web Threats: How to Protect Your Site & InformationDDos Attacks and Web Threats: How to Protect Your Site & Information
DDos Attacks and Web Threats: How to Protect Your Site & Information
jenkoon
 
Denial of service
Denial of serviceDenial of service
Denial of service
SaritaTripathy4
 
The Principles of Modern Attacks Analysis for Penetration Tester
The Principles of Modern Attacks Analysis for Penetration TesterThe Principles of Modern Attacks Analysis for Penetration Tester
The Principles of Modern Attacks Analysis for Penetration Tester
CSCJournals
 
D dos attack
D dos attackD dos attack
D dos attack
HarshitParkar6677
 
Session for InfoSecGirls - New age threat management vol 1
Session for InfoSecGirls - New age threat management vol 1Session for InfoSecGirls - New age threat management vol 1
Session for InfoSecGirls - New age threat management vol 1
InfoSec Girls
 
Implementation Of real testbed of DDOS
Implementation Of real testbed of DDOSImplementation Of real testbed of DDOS
Implementation Of real testbed of DDOS
Jatin Singh
 
Complete Guide to Xerxes DDoS Tool Commands.pdf
Complete Guide to Xerxes DDoS Tool Commands.pdfComplete Guide to Xerxes DDoS Tool Commands.pdf
Complete Guide to Xerxes DDoS Tool Commands.pdf
uzair
 
DoS/DDoS
DoS/DDoSDoS/DDoS
DoS/DDoS
Vihari Piratla
 
DOS
DOSDOS
DOS
root D'nine
 
Information Security Systems
Information Security SystemsInformation Security Systems
Information Security Systems
Eyad Mhanna
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service Attacks
Hansa Nidushan
 
DDos
DDosDDos
DDos
rohit verma
 
DOS attack.pptx
DOS attack.pptxDOS attack.pptx
DOS attack.pptx
HrudayBGowda
 
Denial of-service (do s) attack
Denial of-service (do s) attackDenial of-service (do s) attack
Denial of-service (do s) attack
HTS Hosting
 
Denial of service
Denial of serviceDenial of service
Denial of service
garishma bhatia
 
denialofservice.pdfdos attacck basic details with interactive design
denialofservice.pdfdos attacck basic details with interactive designdenialofservice.pdfdos attacck basic details with interactive design
denialofservice.pdfdos attacck basic details with interactive design
perfetbyedshareen
 
Dos threats and countermeasures
Dos threats and countermeasuresDos threats and countermeasures
Dos threats and countermeasures
n|u - The Open Security Community
 
TYPES OF CYBER ATTACKS.pptx
TYPES OF CYBER ATTACKS.pptxTYPES OF CYBER ATTACKS.pptx
TYPES OF CYBER ATTACKS.pptx
RohanMistry15
 
Dos
DosDos
Dos
root D'nine
 
DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16
Radware
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attack
Ahmed Ghazey
 
모바일 페이먼트 시장의 분석과 삼성페이 간단한 전망
모바일 페이먼트 시장의 분석과 삼성페이 간단한 전망모바일 페이먼트 시장의 분석과 삼성페이 간단한 전망
모바일 페이먼트 시장의 분석과 삼성페이 간단한 전망
Gichan Lee
 
졸업작품 캡스톤 디자인 중간발표자료
졸업작품 캡스톤 디자인 중간발표자료졸업작품 캡스톤 디자인 중간발표자료
졸업작품 캡스톤 디자인 중간발표자료
Gichan Lee
 
인문학 특강 소감 작성
인문학 특강 소감 작성인문학 특강 소감 작성
인문학 특강 소감 작성
Gichan Lee
 
Technical writing - Poster session
Technical writing - Poster sessionTechnical writing - Poster session
Technical writing - Poster session
Gichan Lee
 
Technical instruction practice
Technical instruction practiceTechnical instruction practice
Technical instruction practice
Gichan Lee
 
PINTOS Operating system homework 2
PINTOS Operating system homework 2PINTOS Operating system homework 2
PINTOS Operating system homework 2
Gichan Lee
 

More Related Content

Similar to Security problems - Ddos Slowloris HTTP Dos

Complete Guide to Xerxes DDoS Tool Commands.pdf
Complete Guide to Xerxes DDoS Tool Commands.pdfComplete Guide to Xerxes DDoS Tool Commands.pdf
Complete Guide to Xerxes DDoS Tool Commands.pdf
uzair
 

Similar to Security problems - Ddos Slowloris HTTP Dos (16)

Implementation Of real testbed of DDOS
Implementation Of real testbed of DDOSImplementation Of real testbed of DDOS
Implementation Of real testbed of DDOS
 
Complete Guide to Xerxes DDoS Tool Commands.pdf
Complete Guide to Xerxes DDoS Tool Commands.pdfComplete Guide to Xerxes DDoS Tool Commands.pdf
Complete Guide to Xerxes DDoS Tool Commands.pdf
 
DoS/DDoS
DoS/DDoSDoS/DDoS
DoS/DDoS
 
DOS
DOSDOS
DOS
 
Information Security Systems
Information Security SystemsInformation Security Systems
Information Security Systems
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service Attacks
 
DDos
DDosDDos
DDos
 
DOS attack.pptx
DOS attack.pptxDOS attack.pptx
DOS attack.pptx
 
Denial of-service (do s) attack
Denial of-service (do s) attackDenial of-service (do s) attack
Denial of-service (do s) attack
 
Denial of service
Denial of serviceDenial of service
Denial of service
 
denialofservice.pdfdos attacck basic details with interactive design
denialofservice.pdfdos attacck basic details with interactive designdenialofservice.pdfdos attacck basic details with interactive design
denialofservice.pdfdos attacck basic details with interactive design
 
Dos threats and countermeasures
Dos threats and countermeasuresDos threats and countermeasures
Dos threats and countermeasures
 
TYPES OF CYBER ATTACKS.pptx
TYPES OF CYBER ATTACKS.pptxTYPES OF CYBER ATTACKS.pptx
TYPES OF CYBER ATTACKS.pptx
 
Dos
DosDos
Dos
 
DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attack
 

More from Gichan Lee

직무분석과 역량개발 - 커리어 수업 자료
직무분석과 역량개발 - 커리어 수업 자료직무분석과 역량개발 - 커리어 수업 자료
직무분석과 역량개발 - 커리어 수업 자료
Gichan Lee
 

More from Gichan Lee (12)

모바일 페이먼트 시장의 분석과 삼성페이 간단한 전망
모바일 페이먼트 시장의 분석과 삼성페이 간단한 전망모바일 페이먼트 시장의 분석과 삼성페이 간단한 전망
모바일 페이먼트 시장의 분석과 삼성페이 간단한 전망
 
졸업작품 캡스톤 디자인 중간발표자료
졸업작품 캡스톤 디자인 중간발표자료졸업작품 캡스톤 디자인 중간발표자료
졸업작품 캡스톤 디자인 중간발표자료
 
인문학 특강 소감 작성
인문학 특강 소감 작성인문학 특강 소감 작성
인문학 특강 소감 작성
 
Technical writing - Poster session
Technical writing - Poster sessionTechnical writing - Poster session
Technical writing - Poster session
 
Technical instruction practice
Technical instruction practiceTechnical instruction practice
Technical instruction practice
 
PINTOS Operating system homework 2
PINTOS Operating system homework 2PINTOS Operating system homework 2
PINTOS Operating system homework 2
 
PINTOS Operating system homework
PINTOS Operating system homeworkPINTOS Operating system homework
PINTOS Operating system homework
 
커리어 서평 과제, 담 - The Wall
커리어 서평 과제, 담 - The Wall커리어 서평 과제, 담 - The Wall
커리어 서평 과제, 담 - The Wall
 
기업분석과제물 - 커리어
기업분석과제물 - 커리어기업분석과제물 - 커리어
기업분석과제물 - 커리어
 
직무분석과 역량개발 - 커리어 수업 자료
직무분석과 역량개발 - 커리어 수업 자료직무분석과 역량개발 - 커리어 수업 자료
직무분석과 역량개발 - 커리어 수업 자료
 
POS machine term project
POS machine term projectPOS machine term project
POS machine term project
 
No sql survey report
No sql survey reportNo sql survey report
No sql survey report
 

Recently uploaded

GraphAware - Transforming policing with graph-based intelligence analysis
GraphAware - Transforming policing with graph-based intelligence analysisGraphAware - Transforming policing with graph-based intelligence analysis
GraphAware - Transforming policing with graph-based intelligence analysis
Neo4j
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Globus
 
How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
wottaspaceseo
 
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar
 
Corporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMSCorporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMS
Tendenci - The Open Source AMS (Association Management Software)
 

Recently uploaded (20)

Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
 
Into the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdfInto the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdf
 
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024
 
GraphAware - Transforming policing with graph-based intelligence analysis
GraphAware - Transforming policing with graph-based intelligence analysisGraphAware - Transforming policing with graph-based intelligence analysis
GraphAware - Transforming policing with graph-based intelligence analysis
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
 
How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
 
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBroker
 
Breaking the Code : A Guide to WhatsApp Business API.pdf
Breaking the Code : A Guide to WhatsApp Business API.pdfBreaking the Code : A Guide to WhatsApp Business API.pdf
Breaking the Code : A Guide to WhatsApp Business API.pdf
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
 
Advanced Flow Concepts Every Developer Should Know
Advanced Flow Concepts Every Developer Should KnowAdvanced Flow Concepts Every Developer Should Know
Advanced Flow Concepts Every Developer Should Know
 
A Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdfA Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdf
 
Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
 
AI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning FrameworkAI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning Framework
 
GlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote sessionGlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote session
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
Designing for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web ServicesDesigning for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web Services
 
Corporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMSCorporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMS
 
Studiovity film pre-production and screenwriting software
Studiovity film pre-production and screenwriting softwareStudiovity film pre-production and screenwriting software
Studiovity film pre-production and screenwriting software
 

Security problems - Ddos Slowloris HTTP Dos

  • 2. Slowloris • “Slowloris is a piece of software written by Robert "RSnake" Hansen which allows a single machine to take down another machine's web server with minimal bandwidth”(Wiki) • Slowloris tries to keep many connections to the target web server open and hold them open as long as possible.
  • 3. Features • This is based on HTTP get Flooding • Attacking PC is only one face-to-face • It has a very normal session • It does not leave the log until the attack ends. • Target is located in the architecture itself of the server, therefore it’s difficult to defense originally.
  • 5. RUDY(R-U-Dead-Yet?) • RUDY is translated into 
 “아직 죽지 않았니?” in Korean. it means that dying slowly.
 Slowloris is a subset of RUDY that is kind of DDoS. • RUDY is different from general DDoS attack. The biggest difference is a attacking way. • Slowloris has a method that gradually increasing the session established, and then gradually undermine those target server resources instead of sending a large traffic the server can’t endure. when sessions the server had become full, the server will die
  • 7. Client Server SYN SYN-ACK Connection established Incomplete ACK The ACK signal to server have to be ended with ‘0d0a0d0a’ BUT Slowloris sends only first ‘0d0a-’. therefore the server will wait the remainder ‘-0d0a’ with established connection
  • 8. Environment Target Server : 172.17.22.178 Slowloris.pl