[Bug 392759] Re: apache2 DoS attack using slowloris

Dekar dekar at wc3edit.net
Mon Sep 21 08:36:15 BST 2009


It is a serious remote denial of service! It can be used from a single
modem line and take down a whole server without generating any logfiles
except normal access logs. It's funny how you guys treat it as
"Wishlist" for three months even though it's one of the worst remote
denial of service attacks that can happen. It just takes your whole
Website down! And hey it affects Ubuntu-LTS-Server! I just tried it with
my home DSL line against Ubuntu.com and it went down about instantly!
What frickin' else do you want? And yeah my page with about 4000 unique
daily visitors was affected as well - not sure if you call that big, but
at least ubuntu.com should be big enough, isn't it?

Concerning the picture - left one is local slowloris against ubuntu.com
- right one is links2 from my server. Guess what? It didn't load anymore
till I stopped slowloris! So if you don't care whether ubuntu.com is
reachable or not, why do you think they bought the domain in the first
place? If that's not serious - what else do you want?

** Attachment added: "ubuntu.com downed by slowloris!"
   http://launchpadlibrarian.net/32140980/slowloris%20against%20ubuntu.png

-- 
apache2 DoS attack using slowloris
https://bugs.launchpad.net/bugs/392759
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in ubuntu.



More information about the Ubuntu-server-bugs mailing list