Talk:Slowloris (computer security)
 | This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | |||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||
Which software is unaffected?[edit]
The section "Mitigating the Slowloris attack" claims that some HTTP server software is unaffected yet doesn't list any. But as I understand the HTTP spec (RFC 2616), any server that responds in an HTTP-conforming way to a connection initiated by a slow modem (e.g. V.32bis at 14.4 kbps) is affected unless it drops the connection after the client sends too many request headers. What software is not affected and why not? --Damian Yerrick (talk | stalk) 17:27, 9 September 2010 (UTC)
- The attack is more pronounced on Apache due to the fact that Apache has a MaxClients setting which imposes a restriction on the number of simultaneous connections the web server will allow. SlowLoris uses slow connections to exploit this limitation, but that isn't the only way to do so.
- Servers may still be vulnerable even if they don't implement a hard limit on the number of of connections, as less than optimum connection handling can lead to the depletion of CPU and RAM resources on the server. This is classically known as the C10k problem. Motoma (talk | stalk) 21:13, 18 November 2010 (UTC)
Lighttpd affected or not?[edit]
Lighttpd is listed in the "affected servers" list, but later given as an example of a server that does not have the problem, along with nginx. Which is it? — Preceding unsigned comment added by 149.135.19.243 (talk) 23:54, 28 April 2014 (UTC)
External links modified[edit]
Hello fellow Wikipedians,
I have just added archive links to 2 external links on Slowloris (computer security). Please take a moment to review my edit. If necessary, add {{cbignore}} after the link to keep me from modifying it. Alternatively, you can add {{nobots|deny=InternetArchiveBot}} to keep me off the page altogether. I made the following changes:
- Added archive https://web.archive.org/20090629152805/http://iran.whyweprotest.net:80/general-discussion/2156-list-anti-protester-sites-2.html to http://iran.whyweprotest.net/general-discussion/2156-list-anti-protester-sites-2.html
- Added archive https://web.archive.org/20090811013813/http://iran.whyweprotest.net:80/help-iran-online/6194-condensed-list-sites-w-pictures-part-1-a.html to http://iran.whyweprotest.net/help-iran-online/6194-condensed-list-sites-w-pictures-part-1-a.html
When you have finished reviewing my changes, please set the checked parameter below to true to let others know.
This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).
- If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
- If you found an error with any archives or the URLs themselves, you can fix them with this tool.
Cheers.—cyberbot IITalk to my owner:Online 11:58, 28 January 2016 (UTC)
External links modified[edit]
Hello fellow Wikipedians,
I have just added archive links to 2 external links on Slowloris (computer security). Please take a moment to review my edit. If necessary, add {{cbignore}} after the link to keep me from modifying it. Alternatively, you can add {{nobots|deny=InternetArchiveBot}} to keep me off the page altogether. I made the following changes:
- Added archive https://web.archive.org/20090822001255/http://ha.ckers.org:80/slowloris/ to http://ha.ckers.org/slowloris/
- Added archive https://web.archive.org/20090822001255/http://ha.ckers.org:80/slowloris/ to http://ha.ckers.org/slowloris/
When you have finished reviewing my changes, please set the checked parameter below to true to let others know.
This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).
- If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
- If you found an error with any archives or the URLs themselves, you can fix them with this tool.
Cheers.—cyberbot IITalk to my owner:Online 01:50, 10 February 2016 (UTC)
- C-Class Computing articles
- Low-importance Computing articles
- C-Class Computer networking articles
- Low-importance Computer networking articles
- C-Class Computer networking articles of Low-importance
- All Computer networking articles
- C-Class software articles
- Low-importance software articles
- C-Class software articles of Low-importance
- All Software articles
- C-Class Websites articles
- Mid-importance Websites articles
- C-Class Websites articles of Mid-importance
- All Websites articles
- C-Class Computer Security articles
- Mid-importance Computer Security articles
- C-Class Computer Security articles of Mid-importance
- All Computer Security articles
- All Computing articles