Peter,

On 5/14/12 3:20 PM, Peter Zola wrote:
> 1. Is Apache Tomcat version 7.0.27 (or any version) susceptible to
> Slowloris (DoS) attack?
> 2. If Tomcat is susceptible to Slowloris, how to fix it.

I believe all web servers are vulnerable to the Slowloris attack. The best
you can do is mitigate the attack -- you can't actually prevent it
because it's hard to tell the difference between an attacking client
and a legitimate client with a really slow connection.

You ought to be able to mitigate a lot of these types of attacks using
QoS and per-client-IP limits, which are typically configured entirely
independently of a web server (although httpd specifically -- and I'm
sure others, too -- has modules that can help you do these kinds of
things). Look at what your firewall or load-balancer can do for you in
this area.

-chris
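
The per-client-IP limit and the slow-client ambiguity described in this message, as an added example that is not part of the original post and is not Tomcat or httpd code. The thresholds, the `Conn` record and the sample snapshot are assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

# Assumed policy values for illustration; tune them to your own traffic.
MAX_CONNS_PER_IP = 10      # per-client-IP cap on concurrent connections
HEADER_DEADLINE_S = 20     # time allowed to finish sending request headers
MIN_HEADER_RATE_BPS = 50   # bytes/second floor applied after the deadline

@dataclass
class Conn:
    client_ip: str
    age_s: float        # seconds since the connection was accepted
    header_bytes: int   # request-header bytes received so far
    headers_done: bool  # True once the blank line ending the headers arrived

def stalled(c):
    """Headers incomplete past the deadline and arriving below the rate floor."""
    if c.headers_done or c.age_s <= HEADER_DEADLINE_S:
        return False
    return c.header_bytes / c.age_s < MIN_HEADER_RATE_BPS

def evaluate(conns):
    """Return {ip: {"open", "stalled", "drop"}} for a connection-table snapshot."""
    by_ip = defaultdict(list)
    for c in conns:
        by_ip[c.client_ip].append(c)
    report = {}
    for ip, group in by_ip.items():
        slow = sum(1 for c in group if stalled(c))
        # Stalled connections are closed first; the cap applies to what remains.
        over_cap = max(0, len(group) - slow - MAX_CONNS_PER_IP)
        report[ip] = {"open": len(group), "stalled": slow, "drop": slow + over_cap}
    return report

# Constructed snapshot (documentation address ranges, not real traffic).
SAMPLE = (
    # One IP holding 200 connections whose headers never complete.
    [Conn("198.51.100.7", 60 + i, 40 + i, False) for i in range(200)]
    # Slow link still making progress: 3000 B / 25 s = 120 B/s, kept.
    + [Conn("203.0.113.20", 25, 3000, False)]
    # Legitimate but very slow client: 900 B / 30 s = 30 B/s, below the
    # floor, so it is dropped too. This is the ambiguity the message names.
    + [Conn("203.0.113.30", 30, 900, False)]
    # Ordinary browser with a few completed requests.
    + [Conn("203.0.113.21", 2, 350, True) for _ in range(4)]
    # Busy NAT gateway: healthy requests, but 4 over the per-IP cap.
    + [Conn("192.0.2.9", 5, 400, True) for _ in range(14)]
)
```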