ports/136281: New port: benchmarks/slowloris - HTTP client to test webservers over denial-of-service attacks

Alexey V.Degtyarev alexey at renatasystems.org
Fri Jul 3 12:20:06 UTC 2009 

>Number:         136281
>Category:       ports
>Synopsis:       New port: benchmarks/slowloris - HTTP client to test webservers over denial-of-service attacks
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jul 03 12:20:05 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Alexey V. Degtyarev
>Release:        FreeBSD 7.1-RELEASE amd64
>Organization:
>Environment:
System: FreeBSD renatasystems.org 7.1-RELEASE FreeBSD 7.1-RELEASE #0: Thu Jan 1 08:58:24 UTC 2009 root at driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64


	
>Description:
Slowloris both helps identify the timeout windows of a HTTP server or Proxy
server, can bypass httpready protection and ultimately performs a fairly low
bandwidth denial of service.  It has the added benefit of allowing the server
to come back at any time (once the program is killed), and not spamming the
logs excessively.  It also keeps the load nice and low on the target server, so
other vital processes don't die unexpectedly, or cause alarm to anyone who is
logged into the server for other reasons.

The main audience using slowloris is of course a system administrators wanting
to measure their webserver's performance and vulnerability.

WWW: http://ha.ckers.org/slowloris/
>How-To-Repeat:
	
>Fix:

	

--- slowloris.shar begins here ---
# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	slowloris
#	slowloris/pkg-descr
#	slowloris/distinfo
#	slowloris/Makefile
#	slowloris/files
#	slowloris/files/extra-nothreads
#
echo c - slowloris
mkdir -p slowloris > /dev/null 2>&1
echo x - slowloris/pkg-descr
sed 's/^X//' >slowloris/pkg-descr << '35d5a4b2e9f67caad838f1e76b0c8bad'
XSlowloris both helps identify the timeout windows of a HTTP server or Proxy
Xserver, can bypass httpready protection and ultimately performs a fairly low
Xbandwidth denial of service.  It has the added benefit of allowing the server
Xto come back at any time (once the program is killed), and not spamming the
Xlogs excessively.  It also keeps the load nice and low on the target server, so
Xother vital processes don't die unexpectedly, or cause alarm to anyone who is
Xlogged into the server for other reasons.
X
XThe main audience using slowloris is of course a system administrators wanting
Xto measure their webserver's performance and vulnerability.
X
XWWW: http://ha.ckers.org/slowloris/
35d5a4b2e9f67caad838f1e76b0c8bad
echo x - slowloris/distinfo
sed 's/^X//' >slowloris/distinfo << '2a074b7961c4d986b16d1fda8fa94900'
XMD5 (slowloris-0.7.tar.gz) = e2f11939daccc1c623acda7ab337ec1b
XSHA256 (slowloris-0.7.tar.gz) = 72aa764570bc5c7c97caca585cdc67dcfd731ca0184e01d81ceb3917e4b04ff9
XSIZE (slowloris-0.7.tar.gz) = 6306
2a074b7961c4d986b16d1fda8fa94900
echo x - slowloris/Makefile
sed 's/^X//' >slowloris/Makefile << 'e4d15b0e829e99f7196201fdaac97698'
X# New ports collection makefile for:	slowloris
X# Date created:				Fri 03 Jul 2009
X# Whom:					Alexey V. Degtyarev
X#
X# $FreeBSD$
X#
X
XPORTNAME=	slowloris
XPORTVERSION=	0.7
XCATEGORIES=	benchmarks
XMASTER_SITES=	ftp://ftp.renatasystems.org/pub/FreeBSD/ports/distfiles/
X
XMAINTAINER=	alexey at renatasystems.org
XCOMMENT=	The low bandwidth, yet greedy and poisonous HTTP client
X
XUSE_PERL5=	yes
XNO_BUILD=	yes
X
XRUN_DEPENDS=	p5-IO-Socket-SSL>=0:${PORTSDIR}/security/p5-IO-Socket-SSL \
X		p5-Getopt-Long>=0:${PORTSDIR}/devel/p5-Getopt-Long
X
XPLIST_FILES=	bin/slowloris
X
X.include <bsd.port.pre.mk>
X
XPERL_THREADS=	no
X
X.if exists(${PERL})
XPERL_THREADS!=  ${PERL} -V::usethreads
X.if ${PERL_THREADS} == "'define';"
XRUN_DEPENDS+=	p5-threads-shared>=0:${PORTSDIR}/devel/p5-threads-shared
XPERL_THREADS=	yes
X.endif
X.endif
X
X.if ${PERL_THREADS} != "yes"
XEXTRA_PATCHES+=	${FILESDIR}/extra-nothreads
X.endif
X
Xdo-install:
X	${INSTALL_SCRIPT} ${WRKSRC}/slowloris.pl ${PREFIX}/bin/slowloris
X
X.include <bsd.port.post.mk>
e4d15b0e829e99f7196201fdaac97698
echo c - slowloris/files
mkdir -p slowloris/files > /dev/null 2>&1
echo x - slowloris/files/extra-nothreads
sed 's/^X//' >slowloris/files/extra-nothreads << '78942374d7b3c94b1df362e27e97de55'
X--- slowloris.pl.orig	2009-06-29 18:05:27.000000000 +0400
X+++ slowloris.pl	2009-07-03 14:31:35.000000000 +0400
X@@ -96,2 +96,2 @@
X-    use threads;
X-    use threads::shared;
X+#    use threads;
X+#    use threads::shared;
78942374d7b3c94b1df362e27e97de55
exit
--- slowloris.shar ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list