<img alt="" src="https://secure.leadforensics.com/89462.png" style="display:none;">

Nexusguard Blog

Cybersecurity best practices and DDoS defence strategies

Latest Stories

Nexusguard Research Nexusguard Research
Sep 17, 2019

DNSSEC Fuels New Wave of DNS Amplification

Nexusguard Research Nexusguard Research
Sep 09, 2019

What Is A DNS Attack And Why Are They Dangerous?

Ruben Mondejar Ruben Mondejar
Aug 26, 2019

VAPT on Static Website

Featured Stories

Blog Home
Tony Miu
By
October 22, 2014

Torshammer: A Tool with Slow-rate DDoS Impact on Apache Servers

  DDoS Torshammer

In our last blog post, we analyzed the attack tools used to launch DDoS attacks in Hong Kong. Today, I’d like to examine Torshammer – a slow-rate DDoS attack tool – that has been used frequently by hacktivists.

 

Slow-rate DDoS impact on apache servers

Tor’s Hammer is a slow-rate DDoS attack tool that is efficient and very disruptive on most apache servers.

Similar to regular volumetric DDoS attacks, slow-rate DDoS attacks exhaust web server resources by generating a large amount of connections for as long as possible. More technically, it uses the classic form of slow POST attack, generating HTTP POST requests and connections that will hold for around 1000-30000 seconds.

 

Instead of leveraging huge attack bandwidth or large amounts of HTTP requests per second, slow-rate DDoS attacks simply exploit the maximum current connection time apache servers can handle.

 

Stay tuned as we collect more information on Tor’s Hammer and its attack history in Hong Kong. For a more in-depth analysis on this slow-rate DDoS attack tool and its impact on servers, please visit my personal blog post.

Popular Stories

Little droplets form roaring ocean Jan 03, 2019
2019 Will Be an Eventful Period for Cybersecurity Jun 22, 2018
Can “clean pipe” really clean dirty traffic? Jul 17, 2018

Popular Tags

DDoS Cybersecurity DDoS Protection Cyber Attack Amplification Attack Communications Service Provider Memcached Attack Botnet Malware Vulnerabilities DNS Amplification DNS Attack Financial Sector IoT Protest Ransom SSDP Satori Banking and Finance Big Data Analytics Bitcoin Blackhat Blackhole Class-C Clean Pipe Cloud service provider DDoS Threat Report DNSSEC Data Privacy Data Protection Domain Hijack Fatal Blow HTML5 ISP Lethal Problems Meltdown Mirai Multi-vector attack Mumsnet Nepel Network Breach Nexusguard Partner Program Origin Protection Patch Pentagon Pentester Potential Problem Infrastructures Practitioner RCE Vulnerability Replay Attacks SegmentSmack Shellshock Spectre TCP SYN flood Torshammer Trojan Turkish General Election Ukrainian Presidential Election Wordpress World Cup big bill cleanpipe cloud cloud service providers government smokescreen telegram zero-day attack
Similar to regular volumetric DDoS attacks, slow-rate DDoS attacks exhaust web server resources by generating a large amount of connections for as long as possible. 

Comments Form:

Related articles

DNSSEC Fuels New Wave of DNS Amplification

Nepal’s cybersecurity yet to catch up with exponential increase in smartphone internet access

The devastating effects of hitting mission-critical facilities