It is described here: http://ha.ckers.org/slowloris/
Basically the attacker invokes thousands of connections, slowly sending header after header until the server has exhausted resources, most likely threads. Can tomcat use nio to process the headers then create a thead and execute the webapp? --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
