Date: 3 Jul 2009 16:14:46 +0400 From: "Alexey V.Degtyarev" <alexey@renatasystems.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/136281: New port: benchmarks/slowloris - HTTP client to test webservers over denial-of-service attacks Message-ID: <20090703121446.26543.qmail@hs-9.renatasystems.org> Resent-Message-ID: <200907031220.n63CK6vx087871@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 136281 >Category: ports >Synopsis: New port: benchmarks/slowloris - HTTP client to test webservers over denial-of-service attacks >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Jul 03 12:20:05 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Alexey V. Degtyarev >Release: FreeBSD 7.1-RELEASE amd64 >Organization: >Environment: System: FreeBSD renatasystems.org 7.1-RELEASE FreeBSD 7.1-RELEASE #0: Thu Jan 1 08:58:24 UTC 2009 root@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 >Description: Slowloris both helps identify the timeout windows of a HTTP server or Proxy server, can bypass httpready protection and ultimately performs a fairly low bandwidth denial of service. It has the added benefit of allowing the server to come back at any time (once the program is killed), and not spamming the logs excessively. It also keeps the load nice and low on the target server, so other vital processes don't die unexpectedly, or cause alarm to anyone who is logged into the server for other reasons. The main audience using slowloris is of course a system administrators wanting to measure their webserver's performance and vulnerability. WWW: http://ha.ckers.org/slowloris/ >How-To-Repeat: >Fix: --- slowloris.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # slowloris # slowloris/pkg-descr # slowloris/distinfo # slowloris/Makefile # slowloris/files # slowloris/files/extra-nothreads # echo c - slowloris mkdir -p slowloris > /dev/null 2>&1 echo x - slowloris/pkg-descr sed 's/^X//' >slowloris/pkg-descr << '35d5a4b2e9f67caad838f1e76b0c8bad' XSlowloris both helps identify the timeout windows of a HTTP server or Proxy Xserver, can bypass httpready protection and ultimately performs a fairly low Xbandwidth denial of service. It has the added benefit of allowing the server Xto come back at any time (once the program is killed), and not spamming the Xlogs excessively. It also keeps the load nice and low on the target server, so Xother vital processes don't die unexpectedly, or cause alarm to anyone who is Xlogged into the server for other reasons. X XThe main audience using slowloris is of course a system administrators wanting Xto measure their webserver's performance and vulnerability. X XWWW: http://ha.ckers.org/slowloris/ 35d5a4b2e9f67caad838f1e76b0c8bad echo x - slowloris/distinfo sed 's/^X//' >slowloris/distinfo << '2a074b7961c4d986b16d1fda8fa94900' XMD5 (slowloris-0.7.tar.gz) = e2f11939daccc1c623acda7ab337ec1b XSHA256 (slowloris-0.7.tar.gz) = 72aa764570bc5c7c97caca585cdc67dcfd731ca0184e01d81ceb3917e4b04ff9 XSIZE (slowloris-0.7.tar.gz) = 6306 2a074b7961c4d986b16d1fda8fa94900 echo x - slowloris/Makefile sed 's/^X//' >slowloris/Makefile << 'e4d15b0e829e99f7196201fdaac97698' X# New ports collection makefile for: slowloris X# Date created: Fri 03 Jul 2009 X# Whom: Alexey V. Degtyarev X# X# $FreeBSD$ X# X XPORTNAME= slowloris XPORTVERSION= 0.7 XCATEGORIES= benchmarks XMASTER_SITES= ftp://ftp.renatasystems.org/pub/FreeBSD/ports/distfiles/ X XMAINTAINER= alexey@renatasystems.org XCOMMENT= The low bandwidth, yet greedy and poisonous HTTP client X XUSE_PERL5= yes XNO_BUILD= yes X XRUN_DEPENDS= p5-IO-Socket-SSL>=0:${PORTSDIR}/security/p5-IO-Socket-SSL \ X p5-Getopt-Long>=0:${PORTSDIR}/devel/p5-Getopt-Long X XPLIST_FILES= bin/slowloris X X.include <bsd.port.pre.mk> X XPERL_THREADS= no X X.if exists(${PERL}) XPERL_THREADS!= ${PERL} -V::usethreads X.if ${PERL_THREADS} == "'define';" XRUN_DEPENDS+= p5-threads-shared>=0:${PORTSDIR}/devel/p5-threads-shared XPERL_THREADS= yes X.endif X.endif X X.if ${PERL_THREADS} != "yes" XEXTRA_PATCHES+= ${FILESDIR}/extra-nothreads X.endif X Xdo-install: X ${INSTALL_SCRIPT} ${WRKSRC}/slowloris.pl ${PREFIX}/bin/slowloris X X.include <bsd.port.post.mk> e4d15b0e829e99f7196201fdaac97698 echo c - slowloris/files mkdir -p slowloris/files > /dev/null 2>&1 echo x - slowloris/files/extra-nothreads sed 's/^X//' >slowloris/files/extra-nothreads << '78942374d7b3c94b1df362e27e97de55' X--- slowloris.pl.orig 2009-06-29 18:05:27.000000000 +0400 X+++ slowloris.pl 2009-07-03 14:31:35.000000000 +0400 X@@ -96,2 +96,2 @@ X- use threads; X- use threads::shared; X+# use threads; X+# use threads::shared; 78942374d7b3c94b1df362e27e97de55 exit --- slowloris.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090703121446.26543.qmail>