1 Summary: Application Layer DoS attack simulator
6 Group: Applications/Networking
7 Source0: https://slowhttptest.googlecode.com/files/%{name}-%{version}.tar.gz
8 # Source0-md5: 1437fdac96e99305f765a7f0b075b006
9 URL: https://code.google.com/p/slowhttptest/
10 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
13 SlowHTTPTest is a highly configurable tool that simulates some
14 Application Layer Denial of Service attacks.
16 It implements most common low-bandwidth Application Layer DoS attacks,
17 such as slowloris, Slow HTTP POST, Slow Read attack (based on TCP
18 persist timer exploit) by draining concurrent connections pool, as
19 well as Apache Range Header attack by causing very significant memory
20 and CPU usage on the server.
22 Slowloris and Slow HTTP POST DoS attacks rely on the fact that the
23 HTTP protocol, by design, requires requests to be completely received
24 by the server before they are processed. If an HTTP request is not
25 complete, or if the transfer rate is very low, the server keeps its
26 resources busy waiting for the rest of the data. If the server keeps
27 too many resources busy, this creates a denial of service. This tool
28 is sending partial HTTP requests, trying to get denial of service from
31 Slow Read DoS attack aims the same resources as slowloris and slow
32 POST, but instead of prolonging the request, it sends legitimate HTTP
33 request and reads the response slowly.
43 rm -rf $RPM_BUILD_ROOT
45 DESTDIR=$RPM_BUILD_ROOT
48 rm -rf $RPM_BUILD_ROOT
51 %defattr(644,root,root,755)
52 %attr(755,root,root) %{_bindir}/slowhttptest
53 %{_mandir}/man1/slowhttptest.1*