UNDER ATTACK?

MX7000: A powerful, versatile 'cloud-in-a-box' DDoS mitigation solution.
Learn more

2022 1HY Report_Cover-2-1

In the first half of 2022, the total attack count and average attack size increased by 75.60% and decreased by 55.97% respectively compared to the figures recorded in the second half of 2021.  Learn More

Nexusguard Blog

Cybersecurity best practices and DDoS defence strategies

Latest Stories

Nexusguard Product Nexusguard Product
Sep 30, 2022

Nexusguard Extended Cloud Protection capability delivers increased flexibility for DDoS protection solutions

Nexusguard Product Nexusguard Product
Aug 31, 2022

Nexusguard Edge Protection diverts attack risk to Cloud reducing demand for large mitigation bandwidth from Communications Service Providers

Nexusguard Product Nexusguard Product
Jul 29, 2022

Nexusguard adds Network Protection to deliver increased protection for Local Communications Service Provider Infrastructures

Featured Stories

Blog Home
Tony Miu
By
October 22, 2014

Torshammer: A Tool with Slow-rate DDoS Impact on Apache Servers

  DDoS Torshammer

In our last blog post, we analyzed the attack tools used to launch DDoS attacks in Hong Kong. Today, I’d like to examine Torshammer – a slow-rate DDoS attack tool – that has been used frequently by hacktivists.

 

Slow-rate DDoS impact on apache servers

Tor’s Hammer is a slow-rate DDoS attack tool that is efficient and very disruptive on most apache servers.

Similar to regular volumetric DDoS attacks, slow-rate DDoS attacks exhaust web server resources by generating a large amount of connections for as long as possible. More technically, it uses the classic form of slow POST attack, generating HTTP POST requests and connections that will hold for around 1000-30000 seconds.

 

Instead of leveraging huge attack bandwidth or large amounts of HTTP requests per second, slow-rate DDoS attacks simply exploit the maximum current connection time apache servers can handle.

 

Stay tuned as we collect more information on Tor’s Hammer and its attack history in Hong Kong. For a more in-depth analysis on this slow-rate DDoS attack tool and its impact on servers, please visit my personal blog post.

Popular Stories

VAPT on Static Website Aug 26, 2019
Torshammer: A Tool with Slow-rate DDoS Impact on Apache Servers Oct 22, 2014
DDoS Mitigation with Flowspec Dec 22, 2020
Similar to regular volumetric DDoS attacks, slow-rate DDoS attacks exhaust web server resources by generating a large amount of connections for as long as possible. 


Related articles

COVID-19 pandemic causing the most significant increase in DDoS attacks ever

How Vietnam networks unwittingly expose themselves to IoT botnet exploits

Communications Service Providers (CSPs) are being brought to their knees by “Bit-and-Piece” attacks that fly under the radar

SOLUTIONS
PRODUCTS & SERVICES
PARTNERS
ACADEMY
RESOURCES
ABOUT US

© 2022 Nexusguard - All Rights Reserved. Read Our Privacy Policy.