Slowloris is one of the very popular tools for DDoS attacks and today we will be talking about Slowloris DDoS Attack Mitigation. I have built a course on this topic at Pluralsight. Here is the link to the course: Impact with Slowloris.
The Red Tool Engagement is all about ethical hacking where we first secure necessary authorization from the organization and after that perform necessary attacks on the organization. When we seek authorization from the organization for the attack, we should also make sure that they are aware of the date, time, and method which we are going to use for the attack.
One of the simplest ways to mitigate Slowloris DDoS attacks is to block the IP or port of the attacker. If you are using a Linux system it is very easy to do so. Here are the commands.
First, enable the firewall.
sudo ufw enable
Now insert the IP address to be blocked on the first position in the rule.
sudo ufw insert 1 deny from 192.168.xxx.xxx
If you want to remove the recently inserted rule, you can also do that by running the following command.
sudo ufw delete 1
Additionally, you can see all the rules and their position by running the following command.
sudo ufw status numbered
Well, there are many other methods to mitigate the Slowloris attack but the specified here gives a maximum return of investment for the efforts. Additionally, it is very important to attack quickly when dealing with Slowloris attack.
Impact with Slowloris
Knowing how to use Slowloris and how Denial of Service techniques can be used against you, will ultimately lead your organization to detect and defend against specific attacks. In this course, Impact with Slowloris, you’ll learn how to utilize Slowloris to execute impact in a red team environment. First, you’ll discuss this tool, the legal aspects, and the outcome you can expect from the engagement. Next, you’ll learn about the installation and environmental setup of Slowloris. Finally, you’ll simulate a Denial of Service attack. When you’re finished with this course, you’ll have the skills and knowledge to execute this Denial of Service attack technique using Slowloris.
I hope you find these Learning paths helpful. If you have a Pluralsight subscription, you can watch it for free. If you do not have a Pluralsight subscription, you can still watch the course for FREE by signing up for a trial account. Please note that you do not need any credit card.
Reference: Pinal Dave (http://blog.SQLAuthority.com)