[Owasp-leaders] Latest HTTP POST Layer 7 DDOS attack technique
Wong Onn Chee
ocwong at usa.net
Thu Nov 19 23:56:52 EST 2009
Not sure whether this is of interest to all of you, but I will like to
bring to everyone's attention regarding a latest DDOS attack technique
against web servers.
This attack technique uses HTTP POST, operates at Layer 7 and is highly
evasive against today's detection capabilities.
One only needs 60,000 such connections to bring down an IIS web server
regardless of the hardware specs.
A lesser number is required to DDOS a Apache server.
If you are interested in more information, please contact me off-list,
so as not to spam everyone.
Thank you for your time.
More information about the OWASP-Leaders