Welcome! Log In Create A New Profile

Advanced

Re: Dealing with Layer 7 DDoS attacks (RUDY, Slowloris, etc)

Previous Message Next Message
Forum List Message List New Topic Print View
Mel Brands
July 25, 2011 01:24PM
Rami,

Right, nginx does seem to handle SlowLoris attack better than most web
servers. However, there's Apache 2 patch that mitigates SlowLoris really
well (you can find it with a quick search). I don't know if nginx is on the
same level as Apache2+patch.

However, I have no idea how well nginx can sustain under a small/moderate
RUDY attack. RUDY is one of the newer attacks that's gained a lot of
popularity in recent months.

Mel

On Mon, Jul 25, 2011 at 1:15 PM, Rami Essaid <rami.essaid@gmail.com> wrote:

> Reading that article it says:
> "So… nginx is a good web server, use it! [image: ;)]"
>
> Their conclusion was that nginx handles that type of attack very well and
> you would need a DDoS attack (and a large one at that) to bring down a
> single nginx server. Are there other examples of attacks that you have
> found that nginx is susceptible to? I have not heard of any
> specific vulnerabilities of nginx that are not common to any other webserver
> like simple bandwidth flooding.
>
> Rami
>
>
> On Mon, Jul 25, 2011 at 1:09 PM, Mel Brands <bighype@gmail.com> wrote:
>
>> Hi guys,
>>
>> I am curious as to how nginx deals with DDoS attacks that attack
>> through app layer, layer 7. I managed to find this page:
>>
>> http://blog.rayfoo.info/2009/10/testing-slowloris-against-nginx
>>
>> which claims that nginx is susceptible to the attack. Since this is
>> from 2009, has anything changed?
>>
>> Also, has anyone tested nginx vs R-U-DEAD-YET (RUDY)? I haven't found
>> any tests online...
>>
>> http://code.google.com/p/r-u-dead-yet/
>>
>> I ask because these types of attacks are becoming extremely common and
>> hacktivist groups are using these simple tools to bring down all kinds
>> of large sites.
>>
>> Thanks for any insight,
>>
>> Mel
>>
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
>
>
> --
> Cheers,
> Rami
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

Dealing with Layer 7 DDoS attacks (RUDY, Slowloris, etc)

Mel Brands July 25, 2011 01:12PM

Re: Dealing with Layer 7 DDoS attacks (RUDY, Slowloris, etc)

ressaid July 25, 2011 01:16PM

Re: Dealing with Layer 7 DDoS attacks (RUDY, Slowloris, etc)

Mel Brands July 25, 2011 01:24PM

Re: Dealing with Layer 7 DDoS attacks (RUDY, Slowloris, etc)

Joe July 25, 2011 01:42PM

Re: Dealing with Layer 7 DDoS attacks (RUDY, Slowloris, etc)

Maxim Dounin July 25, 2011 02:16PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 131
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready