1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-23 04:23:08 +00:00

Slowloris both helps identify the timeout windows of a HTTP server or Proxy

server, can bypass httpready protection and ultimately performs a fairly low
bandwidth denial of service.  It has the added benefit of allowing the server
to come back at any time (once the program is killed), and not spamming the
logs excessively.  It also keeps the load nice and low on the target server, so
other vital processes don't die unexpectedly, or cause alarm to anyone who is
logged into the server for other reasons.

The main audience using slowloris is of course a system administrators wanting
to measure their webserver's performance and vulnerability.

WWW: http://ha.ckers.org/slowloris/

PR:		ports/136281
Submitted by:	Alexey V. Degtyarev
This commit is contained in:
Philip M. Gollucci 2009-07-13 22:40:20 +00:00
parent 01a2bc5b35
commit 597ef6d7b7
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=237733
5 changed files with 66 additions and 0 deletions

View File

@ -53,6 +53,7 @@
SUBDIR += scimark2c
SUBDIR += siege
SUBDIR += sipp
SUBDIR += slowloris
SUBDIR += stream
SUBDIR += super-smack
SUBDIR += sysbench

View File

@ -0,0 +1,43 @@
# New ports collection makefile for: slowloris
# Date created: Fri 03 Jul 2009
# Whom: Alexey V. Degtyarev
#
# $FreeBSD$
#
PORTNAME= slowloris
PORTVERSION= 0.7
CATEGORIES= benchmarks
MASTER_SITES= ftp://ftp.renatasystems.org/pub/FreeBSD/ports/distfiles/
MAINTAINER= alexey@renatasystems.org
COMMENT= The low bandwidth, yet greedy and poisonous HTTP client
USE_PERL5= yes
NO_BUILD= yes
RUN_DEPENDS= p5-IO-Socket-SSL>=0:${PORTSDIR}/security/p5-IO-Socket-SSL \
p5-Getopt-Long>=0:${PORTSDIR}/devel/p5-Getopt-Long
PLIST_FILES= bin/slowloris
.include <bsd.port.pre.mk>
PERL_THREADS= no
.if exists(${PERL})
PERL_THREADS!= ${PERL} -V::usethreads
.if ${PERL_THREADS} == "'define';"
RUN_DEPENDS+= p5-threads-shared>=0:${PORTSDIR}/devel/p5-threads-shared
PERL_THREADS= yes
.endif
.endif
.if ${PERL_THREADS} != "yes"
EXTRA_PATCHES+= ${FILESDIR}/extra-nothreads
.endif
do-install:
${INSTALL_SCRIPT} ${WRKSRC}/slowloris.pl ${PREFIX}/bin/slowloris
.include <bsd.port.post.mk>

View File

@ -0,0 +1,3 @@
MD5 (slowloris-0.7.tar.gz) = e2f11939daccc1c623acda7ab337ec1b
SHA256 (slowloris-0.7.tar.gz) = 72aa764570bc5c7c97caca585cdc67dcfd731ca0184e01d81ceb3917e4b04ff9
SIZE (slowloris-0.7.tar.gz) = 6306

View File

@ -0,0 +1,7 @@
--- slowloris.pl.orig 2009-06-29 18:05:27.000000000 +0400
+++ slowloris.pl 2009-07-03 14:31:35.000000000 +0400
@@ -96,2 +96,2 @@
- use threads;
- use threads::shared;
+# use threads;
+# use threads::shared;

View File

@ -0,0 +1,12 @@
Slowloris both helps identify the timeout windows of a HTTP server or Proxy
server, can bypass httpready protection and ultimately performs a fairly low
bandwidth denial of service. It has the added benefit of allowing the server
to come back at any time (once the program is killed), and not spamming the
logs excessively. It also keeps the load nice and low on the target server, so
other vital processes don't die unexpectedly, or cause alarm to anyone who is
logged into the server for other reasons.
The main audience using slowloris is of course a system administrators wanting
to measure their webserver's performance and vulnerability.
WWW: http://ha.ckers.org/slowloris/