Making sure your application is available

RATE LIMITING

Author(s):

Maybe we should listen to those network guys.

A few months ago I wrote about the Slowloris attack on web servers, the short version of which is: Attackers connect and hold connections open, using very few resources on their end, but soaking up all your available sockets and preventing any legitimate users from connecting. Since then, a number of other denial-of-service types of attack have been announced against web servers, web applications, and other services. This got me thinking: How can programmers deal with these issues in a generic way to reduce their impact?

Read full article as PDF:

058-059_kurt.pdf (893.86 kB)

Related content

comments powered by Disqus

Direct Download

Read full article as PDF:

058-059_kurt.pdf (893.86 kB)

News