Qualys senior software engineer Sergey Shekyan has devised a new HTTP denial-of-service (DoS) attack method which relies on prolonging the time clients need to read Web server responses.

Shekyan's method is dubbed Slow Read DoS and is based on previous research by Robert Hansen, the creator of the Slowloris HTTP DoS tool and the late Jack C. Louis, who developed Sockstress, a proof-of-concept application that applies the slow read attack concept to TCP stacks.

Unlike Slowloris, which works by slowing down HTTP requests in order to fill the Web server's concurrent connection pool and prevent it from serving legitimate clients, Shekyan's Slow Read DoS attack works by slowing down the server's responses.

"The idea of the attack I implemented is pretty simple: Send a legitimate HTTP request and read the response slowly, aiming to keep as many connections as possible active," Shekyan said.

In order to achieve this, the size of the server's response must be larger than what its send buffer can hold at any given time. Large responses are split into smaller chunks and get sent individually.

The second requirement is to keep the server's send buffer full for a long period with other data chunks pending in order to keep the connection with the client active. This is done by reducing the client's ability to receive data to a value that is smaller than the server's send buffer.

"TCP doesn't advertise the server's send buffer size, but we can assume that it is the default value, which is usually between 65Kb and 128Kb. There's normally no need to have a send buffer larger than that," Shekyan explained.

In order to force a large-enough response, the client must request a resource bigger than 128Kb. Finding a file that size hosted on the server shouldn't be difficult in most cases, but even if there isn't one, if the server supports HTTP pipelining - and most do - the same effect can be achieved by requesting a smaller resource multiple times.
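A defender-side sketch of the pattern the article describes, added here as an example and not taken from the article or from Shekyan's tool: it flags connections where response data stays pending in the send buffer while the client advertises a window smaller than that buffer and acknowledges data very slowly. The `Sample` fields, the thresholds and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

SEND_BUFFER = 128 * 1024  # assumed server send buffer (upper default quoted in the article)
MIN_STALL_SECONDS = 30    # assumed threshold, tune per service
MIN_BYTES_PER_SEC = 1024  # assumed floor for a legitimate reader

@dataclass
class Sample:                # hypothetical per-connection socket statistics
    conn: str                # connection label
    t: float                 # seconds since the response started
    send_queue: int          # response bytes still waiting in the send buffer
    peer_window: int         # receive window advertised by the client
    acked: int               # cumulative response bytes acknowledged

def slow_readers(samples):
    """Return {conn: longest stall in seconds} for slow-read suspects."""
    by_conn = defaultdict(list)
    for s in samples:
        by_conn[s.conn].append(s)
    flagged = {}
    for conn, rows in by_conn.items():
        rows.sort(key=lambda s: s.t)
        stalled = longest = 0.0
        for prev, cur in zip(rows, rows[1:]):
            dt = cur.t - prev.t
            rate = (cur.acked - prev.acked) / dt if dt > 0 else float("inf")
            # Pending data, a window below the send buffer, and a slow read rate together.
            if (cur.send_queue > 0 and cur.peer_window < SEND_BUFFER
                    and rate < MIN_BYTES_PER_SEC):
                stalled += dt
                longest = max(longest, stalled)
            else:
                stalled = 0.0
        if longest >= MIN_STALL_SECONDS:
            flagged[conn] = longest
    return flagged

# Constructed samples: A trickles 512 bytes per 10 s, B and C drain normally.
SAMPLES = (
    [Sample("A", 10.0 * i, 131072, 512, 512 * i) for i in range(5)]
    + [Sample("B", 0.0, 131072, 262144, 0), Sample("B", 1.0, 65536, 262144, 200000),
       Sample("B", 2.0, 0, 262144, 400000)]
    + [Sample("C", 0.0, 100000, 65535, 0), Sample("C", 10.0, 50000, 65535, 150000),
       Sample("C", 20.0, 0, 65535, 300000)]
)

if __name__ == "__main__":
    for conn, secs in slow_readers(SAMPLES).items():
        print(f"{conn}: pending data read below {MIN_BYTES_PER_SEC} B/s for {secs:.0f} s")
```

Connection C shows why the read rate matters: it advertises a window below the assumed send buffer, as many ordinary clients do, but drains the response quickly and is not flagged.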