Problem Name: |
Slow HTTP denial of Service Attack |
Problem URL |
http://10.238.*. *:58* * * |
Risk Level: |
High |
Problem Type: |
Server Configuration Classes |
Vulnerability Description: |
When using HTTP post:post, specify a very large Content-length, and then at a very low speed, such as 10-100s send a byte, hold this connection continuously open. When the client is connected, it takes up all the available connections to the Webserver, resulting in DOS. |
Solution: |
The maximum license time for the HTTP header transfer of the Web server is limited and modified to a maximum license time of 20 seconds. |
Phase Off Within Capacity |
Practical solution: Find the file Server.xml under Tomacat, find the following information, The original is 20000, modified to 20, restart the service on the line. |
From:gs-utrapower-zyr time:20150602
Slow HTTP Denial of Service Attack Vulnerability resolution