Nexusguard Blog
Cybersecurity best practices and DDoS defence strategies
Latest Stories
Featured Stories
Blog Home
In our last blog post, we analyzed the attack tools used to launch DDoS attacks in Hong Kong. Today, I’d like to examine Torshammer – a slow-rate DDoS attack tool – that has been used frequently by hacktivists.
Slow-rate DDoS impact on apache servers
Tor’s Hammer is a slow-rate DDoS attack tool that is efficient and very disruptive on most apache servers.
Similar to regular volumetric DDoS attacks, slow-rate DDoS attacks exhaust web server resources by generating a large amount of connections for as long as possible. More technically, it uses the classic form of slow POST attack, generating HTTP POST requests and connections that will hold for around 1000-30000 seconds.
Instead of leveraging huge attack bandwidth or large amounts of HTTP requests per second, slow-rate DDoS attacks simply exploit the maximum current connection time apache servers can handle.
Stay tuned as we collect more information on Tor’s Hammer and its attack history in Hong Kong. For a more in-depth analysis on this slow-rate DDoS attack tool and its impact on servers, please visit my personal blog post.
Email Subscription
Thank You!
We will get back to you shortly.
Popular Stories
Little droplets form roaring ocean
Jan 03, 2019
Can “clean pipe” really clean dirty traffic?
Jul 17, 2018
Popular Tags
DDoS DDoS Protection Cybersecurity Communications Service Provider Cyber Attack Amplification Attack Botnet DNS Attack Memcached Attack DDoS Threat Report DNS Amplification DNSSEC IoT Malware TCP SYN flood Vulnerabilities Clean Pipe Data Protection Financial Sector Origin Protection Protest Ransom SSDP Satori Banking and Finance Big Data Analytics Bitcoin Blackhat Blackhole Class-C Cloud service provider Data Privacy Domain Hijack Fatal Blow Gaming HTML5 HTTP attack ISP Lethal Problems MX7000 Meltdown Mirai Multi-vector attack Mumsnet Nepel Network Breach Nexusguard Partner Program Online Retailing Patch Pentagon Pentester Potential Problem Infrastructures Practitioner RCE Vulnerability Replay Attacks SegmentSmack Shellshock Smart City Security South Africa Spectre TAP Torshammer Trojan Turkish General Election Ukrainian Presidential Election Vietnam WAF Wordpress World Cup big bill bit-and-piece cleanpipe cloud cloud service providers government internet of things partnership smokescreen tcp attack telegram zero-day attack
Similar to regular volumetric DDoS attacks, slow-rate DDoS attacks exhaust web server resources by generating a large amount of connections for as long as possible.
Comments Form: