Logo

Focus on exhausting CPU & Memory

HTTP(S) Flood

Pasted image 20240813233634.png

Characteristics

  1. Legitimacy of Requests: Mimics User Requests (GET, POST, PUT, …)
  2. Low and Slow Attacks: Smaller number of requests are sent slowly over time.
  3. Targeting Application Logic: Exploit weaknesses in App Handling.

Methods

  • Rate Limiting (limit_req in NGINX or mod_reqtimeout in Apache)
  • Geofencing - block from high-risk regions
  • Anamoly Detection
  • Timeouts - NGINX’s keepalive_timeout

Slowloris

Working

  1. TCP Three-Way Handshake: Begins by completing the full TCP three-way handshake.
  2. Partial HTTP Requests: Once the connection is established, sends an incomplete HTTP request. For example, it might send the headers of an HTTP GET request but omit the final line or a portion of the headers.
  3. Keep-Alive and Timeout Manipulation: Slow-loris sends additional HTTP headers at regular intervals to keep the connection open without completing the request. This prevents the server from closing the connection due to inactivity.

DNS Attack

Working

© 2025 All rights reservedBuilt with DataHub Cloud

Built with LogoDataHub Cloud