DoS attack in the wild

luben karavelov luben at unixsol.org
Sat Jun 20 16:33:40 MSD 2009


Jérôme Loyet wrote:
> this attack works great on apache but I was unable, yet, to make it
> works on nginx (0.8.3).
> 

On nginx it exhuases the available sockets. My setup is nginx-0.7.58 
with cofig: :

worker_processes  4;
worker_rlimit_nofile 5000;
events {
     worker_connections  2048;
     use epoll;
}


and without the fixes I could DoS the server with:
./slowloris.pl -dns photomoment.bg -timeout 30 -num 10000 -tcpto 5

exhausts available sockets and the server stops replying to new requests.

Sorry for the late reply.

Luben





More information about the nginx mailing list