[Owasp-leaders] Latest HTTP POST Layer 7 DDOS attack technique
dinis.cruz at owasp.org
Fri Nov 20 00:40:12 EST 2009
Hi wong, have you contacted Microsoft & the Apache Foundation
regarding these issues?
If so, what was their response?
On 20 Nov 2009, at 04:56, Wong Onn Chee <ocwong at usa.net> wrote:
> Hi folks,
> Not sure whether this is of interest to all of you, but I will like to
> bring to everyone's attention regarding a latest DDOS attack technique
> against web servers.
> This attack technique uses HTTP POST, operates at Layer 7 and is
> evasive against today's detection capabilities.
> One only needs 60,000 such connections to bring down an IIS web server
> regardless of the hardware specs.
> A lesser number is required to DDOS a Apache server.
> If you are interested in more information, please contact me off-list,
> so as not to spam everyone.
> Thank you for your time.
> Onn Chee
> Chapter Lead
> OWASP Singapore.
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
More information about the OWASP-Leaders