Re: [tor-bugs] #23527 [Internal Services/Tor Sysadmin Team]: Our web server is probably vulnerable to slowloris attack
#23527: Our web server is probably vulnerable to slowloris attack
-------------------------------------------------+---------------------
Reporter: gk | Owner: tpa
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+---------------------
Comment (by dcf):
BTW [https://nmap.org/nsedoc/scripts/http-slowloris-check.html http-slowloris-check]
is an Nmap script. You can try to reproduce it yourself
using this command. When I tried it just now, it didn't detect any
vulnerability, even against the same IP address as in attachment:tor.PNG,
82.195.75.101.
{{{
$ nmap -p 80,443 --script http-slowloris-check www.torproject.org
Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-15 08:22 PDT
Nmap scan report for www.torproject.org (82.195.75.101)
Host is up (0.18s latency).
Other addresses for www.torproject.org (not scanned): 38.229.72.16
89.45.235.21 154.35.132.70 138.201.14.197
2001:41b8:202:deb:213:21ff:fe20:1426 2001:6b0:5a:5000::5
2620:0:6b0:b:1a1a:0:26e5:4810 2a01:4f8:172:1b46:0:abba:5:1
rDNS record for 82.195.75.101: listera.torproject.org
PORT STATE SERVICE
80/tcp open http
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 24.16 seconds
}}}
You can see what the script is doing in its source code:
https://svn.nmap.org/nmap/scripts/http-slowloris-check.nse. You can get
more debugging output using the `-d` option, like
`[http-slowloris-check 82.195.75.101:80] Time difference is: 0`.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23527#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
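
Added example, not part of the ticket or of Nmap: a Python sketch of the measurement behind the "Time difference is" debug line. As the script's documentation describes, it opens two connections with unterminated request headers, sends one extra header on the second after 10 seconds, and reports the server as likely vulnerable when the second connection times out 10 or more seconds later than the first. Here the timings are scaled down, the two probes run one after the other, and the target is a constructed local toy server (all names are hypothetical) that either restarts its timer on every read or enforces one deadline for the whole header block.

```python
import socket, threading, time

IDLE = 0.6   # toy server timeout in seconds (assumption, scaled down)
DELAY = 0.4  # pause before the second probe sends its extra header

def handle(conn, absolute_deadline):
    deadline, buf = time.monotonic() + IDLE, b""
    try:
        while b"\r\n\r\n" not in buf:
            # Weak: each read restarts the timer. Hardened: one fixed deadline.
            left = deadline - time.monotonic() if absolute_deadline else IDLE
            conn.settimeout(max(left, 0.001))
            data = conn.recv(1024)
            if not data:
                break
            buf += data
    except OSError:  # the timeout lands here
        pass
    finally:
        conn.close()

def serve(listener, absolute_deadline):
    while True:
        conn, _ = listener.accept()
        threading.Thread(target=handle, args=(conn, absolute_deadline), daemon=True).start()

def time_to_close(port, extra_after=None):
    """Send a request with no final CRLF; return seconds until the server closes."""
    start = time.monotonic()
    with socket.create_connection(("127.0.0.1", port), timeout=10) as s:
        s.sendall(b"GET / HTTP/1.1\r\nHost: localhost\r\n")  # constructed request
        if extra_after is not None:
            time.sleep(extra_after)
            s.sendall(b"X-a: b\r\n")  # one more header, still unterminated
        try:
            while s.recv(1024):
                pass
        except OSError:
            pass
    return time.monotonic() - start

def time_difference(absolute_deadline):
    listener = socket.create_server(("127.0.0.1", 0))
    threading.Thread(target=serve, args=(listener, absolute_deadline), daemon=True).start()
    port = listener.getsockname()[1]
    return time_to_close(port, DELAY) - time_to_close(port)

if __name__ == "__main__":
    for hardened in (False, True):
        print(f"absolute deadline={hardened}: time difference {time_difference(hardened):.1f}s")
```

A difference close to DELAY means the extra header bought the connection more time; a difference near 0, as in the debug line quoted above, means it did not.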