Slowloris http DDoS attack - is LiteSpeed safe?

Discussion in 'General' started by closet geek, Jun 19, 2009.

  1. closet geek

    closet geek New Member

  2. mistwang

    mistwang LiteSpeed Staff

  3. closet geek

    closet geek New Member

    So the LiteSpeed DDoS settings are able to cope with this completely different type of DDoS?
  4. mistwang

    mistwang LiteSpeed Staff

    LSWS can limit the number of connections from one IP, once over the limit, all future connection requests will be dropped, so this type of attack wont affect LSWS.
  5. anewday

    anewday Moderator

    I assume litespeed should be resilient to this new attack?

    http://isc.sans.org/diary.html?storyid=6601
    Last edited: Jun 23, 2009
  6. grniyce

    grniyce New Member

    Same thing applies; however, if you have CSF installed and you have SynFlood enabled, they could tie up all of your "half-open" connections, which is what is described above. It's not really a new attack. For me I just left the SynFlood portion of CSF set to 0, or disabled. LSWS effectively blocks those attacks also.
  7. anewday

    anewday Moderator

    Same here with CSF, I just wanted to make sure litespeed drops these half open connections...
  8. anewday

    anewday Moderator

    Last edited: Jul 15, 2009

Share This Page