Dealing with Layer 7 DDoS attacks (RUDY, Slowloris, etc)
Mel Brands
bighype at gmail.com
Mon Jul 25 17:09:50 UTC 2011
Hi guys,
I am curious as to how nginx deals with DDoS attacks that attack
through app layer, layer 7. I managed to find this page:
http://blog.rayfoo.info/2009/10/testing-slowloris-against-nginx
which claims that nginx is susceptible to the attack. Since this is
from 2009, has anything changed?
Also, has anyone tested nginx vs R-U-DEAD-YET (RUDY)? I haven't found
any tests online...
http://code.google.com/p/r-u-dead-yet/
I ask because these types of attacks are becoming extremely common and
hacktivist groups are using these simple tools to bring down all kinds
of large sites.
Thanks for any insight,
Mel
More information about the nginx
mailing list