Dealing with Layer 7 DDoS attacks (RUDY, Slowloris, etc)

Rami Essaid rami.essaid at gmail.com
Mon Jul 25 17:15:37 UTC 2011


Reading that article it says:
"So… nginx is a good web server, use it! [image: ;)]"

Their conclusion was that nginx handles that type of attack very well and
you would need a DDoS attack (and a large one at that) to bring down a
single nginx server.  Are there other examples of attacks that you have
found that nginx is susceptible to?  I have not heard of any
specific vulnerabilities of nginx that are not common to any other webserver
like simple bandwidth flooding.

Rami


On Mon, Jul 25, 2011 at 1:09 PM, Mel Brands <bighype at gmail.com> wrote:

> Hi guys,
>
> I am curious as to how nginx deals with DDoS attacks that attack
> through app layer, layer 7. I managed to find this page:
>
> http://blog.rayfoo.info/2009/10/testing-slowloris-against-nginx
>
> which claims that nginx is susceptible to the attack. Since this is
> from 2009, has anything changed?
>
> Also, has anyone tested nginx vs R-U-DEAD-YET (RUDY)? I haven't found
> any tests online...
>
> http://code.google.com/p/r-u-dead-yet/
>
> I ask because these types of attacks are becoming extremely common and
> hacktivist groups are using these simple tools to bring down all kinds
> of large sites.
>
> Thanks for any insight,
>
> Mel
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>



-- 
Cheers,
Rami
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20110725/665ef1a2/attachment.html>


More information about the nginx mailing list