Slowloris Attack

Slowloris attack (also known as Slow Header or Slow GET) is a type of Slow DoS attack that targets the web servers. It achieves this by opening a large number of HTTP connections to the target server and keeping them open for prolonged periods, consuming server resources and preventing legitimate users from accessing the service.

The attacker done this by sending incomplete HTTP requests (without terminating double line break ( \r \n \ r\ n )) periodically and simultaneously to the targeted web server which force server to wait for subsequent request to arrive and then start processing. To maintain these open connections, the attacker sends periodic keep-alive packets containing a small amount of data (often random characters) to the server. This resets the server’s idle timer and prevents it from closing the connection too early. The attacker then repeats this process, keeping a large number of connections open and consuming server resources. This process is repeated until the server become overwhelmed and unavailable to handle the requests of legitimate users.