In computing, a denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. A distributed denial-of-service (DDoS) is where the attack source is more than one–and often thousands of-unique IP addresses. Criminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks, credit card payment gateways; but motives of revenge, blackmail or activism can be behind other attacks.
Slowloris is written by Robert “RSnake” Hansen which allows a single machine to take down another machine’s web server with minimal bandwidth and side effects on unrelated services and ports. Slowloris tries to keep many connections to the target web server open and hold them open as long as possible. It accomplishes this by opening connections to the target web server and sending a partial request. Slowloris is one of the best DDOS tool.Slowloris can knockout Apache servers efficiently. Slowloris makes a partial http request in multi-thread mode. This is very effective against apache servers because apache server works in such a way that it waits for the connection to complete i.e timeout mechanism. Since we generate huge traffic with partial request on a multi-thread mode the target server’s resource get used up . Continuous attack can ruin the server resources and throws an internal error.
# sudo apt-get install libwww-mechanize-shell-perl
# sudo apt-get install perl-mechanize
Download the slowloris.pl script from the below link
Launch the attack
Just copy your target’s IP or URL and start attacking
Unlike other server attacks DOS attack is not very effective, you cannot take a large website with your single machine. It will be more effective when you have more attackers. Form a BOT-NET army to launch a DDOS or do it along with your friends. Attacking a huge server with one machine will consume more hours.
An advantage of slowloris is it will evade most of the IDS system, because its not sending malformed request. The traffic seems to be legitimate by all IDS or WAF systems.
The disadvantage of slowloris is the target server come back online as soon as the script is stopped because the web server close the connections automatically after the request timeout. So you have run the script consistently to knockout the server