From owner-freebsd-ports-bugs@FreeBSD.ORG Fri Jul 3 12:20:06 2009 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6471C1065674 for ; Fri, 3 Jul 2009 12:20:06 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 39EA18FC13 for ; Fri, 3 Jul 2009 12:20:06 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n63CK6EE087872 for ; Fri, 3 Jul 2009 12:20:06 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n63CK6vx087871; Fri, 3 Jul 2009 12:20:06 GMT (envelope-from gnats) Resent-Date: Fri, 3 Jul 2009 12:20:06 GMT Resent-Message-Id: <200907031220.n63CK6vx087871@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, "Alexey V.Degtyarev" Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D181E1065673 for ; Fri, 3 Jul 2009 12:14:49 +0000 (UTC) (envelope-from root@undeliverable.renatasystems.org) Received: from hs-9.renatasystems.org (hs-9.renatasystems.org [83.222.5.149]) by mx1.freebsd.org (Postfix) with SMTP id 11E0D8FC12 for ; Fri, 3 Jul 2009 12:14:48 +0000 (UTC) (envelope-from root@undeliverable.renatasystems.org) Received: (qmail 26544 invoked by uid 0); 3 Jul 2009 16:14:46 +0400 Message-Id: <20090703121446.26543.qmail@hs-9.renatasystems.org> Date: 3 Jul 2009 16:14:46 +0400 From: "Alexey V.Degtyarev" To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/136281: New port: benchmarks/slowloris - HTTP client to test webservers over denial-of-service attacks X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: "Alexey V.Degtyarev" List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Jul 2009 12:20:06 -0000 >Number: 136281 >Category: ports >Synopsis: New port: benchmarks/slowloris - HTTP client to test webservers over denial-of-service attacks >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Jul 03 12:20:05 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Alexey V. Degtyarev >Release: FreeBSD 7.1-RELEASE amd64 >Organization: >Environment: System: FreeBSD renatasystems.org 7.1-RELEASE FreeBSD 7.1-RELEASE #0: Thu Jan 1 08:58:24 UTC 2009 root@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 >Description: Slowloris both helps identify the timeout windows of a HTTP server or Proxy server, can bypass httpready protection and ultimately performs a fairly low bandwidth denial of service. It has the added benefit of allowing the server to come back at any time (once the program is killed), and not spamming the logs excessively. It also keeps the load nice and low on the target server, so other vital processes don't die unexpectedly, or cause alarm to anyone who is logged into the server for other reasons. The main audience using slowloris is of course a system administrators wanting to measure their webserver's performance and vulnerability. WWW: http://ha.ckers.org/slowloris/ >How-To-Repeat: >Fix: --- slowloris.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # slowloris # slowloris/pkg-descr # slowloris/distinfo # slowloris/Makefile # slowloris/files # slowloris/files/extra-nothreads # echo c - slowloris mkdir -p slowloris > /dev/null 2>&1 echo x - slowloris/pkg-descr sed 's/^X//' >slowloris/pkg-descr << '35d5a4b2e9f67caad838f1e76b0c8bad' XSlowloris both helps identify the timeout windows of a HTTP server or Proxy Xserver, can bypass httpready protection and ultimately performs a fairly low Xbandwidth denial of service. It has the added benefit of allowing the server Xto come back at any time (once the program is killed), and not spamming the Xlogs excessively. It also keeps the load nice and low on the target server, so Xother vital processes don't die unexpectedly, or cause alarm to anyone who is Xlogged into the server for other reasons. X XThe main audience using slowloris is of course a system administrators wanting Xto measure their webserver's performance and vulnerability. X XWWW: http://ha.ckers.org/slowloris/ 35d5a4b2e9f67caad838f1e76b0c8bad echo x - slowloris/distinfo sed 's/^X//' >slowloris/distinfo << '2a074b7961c4d986b16d1fda8fa94900' XMD5 (slowloris-0.7.tar.gz) = e2f11939daccc1c623acda7ab337ec1b XSHA256 (slowloris-0.7.tar.gz) = 72aa764570bc5c7c97caca585cdc67dcfd731ca0184e01d81ceb3917e4b04ff9 XSIZE (slowloris-0.7.tar.gz) = 6306 2a074b7961c4d986b16d1fda8fa94900 echo x - slowloris/Makefile sed 's/^X//' >slowloris/Makefile << 'e4d15b0e829e99f7196201fdaac97698' X# New ports collection makefile for: slowloris X# Date created: Fri 03 Jul 2009 X# Whom: Alexey V. Degtyarev X# X# $FreeBSD$ X# X XPORTNAME= slowloris XPORTVERSION= 0.7 XCATEGORIES= benchmarks XMASTER_SITES= ftp://ftp.renatasystems.org/pub/FreeBSD/ports/distfiles/ X XMAINTAINER= alexey@renatasystems.org XCOMMENT= The low bandwidth, yet greedy and poisonous HTTP client X XUSE_PERL5= yes XNO_BUILD= yes X XRUN_DEPENDS= p5-IO-Socket-SSL>=0:${PORTSDIR}/security/p5-IO-Socket-SSL \ X p5-Getopt-Long>=0:${PORTSDIR}/devel/p5-Getopt-Long X XPLIST_FILES= bin/slowloris X X.include X XPERL_THREADS= no X X.if exists(${PERL}) XPERL_THREADS!= ${PERL} -V::usethreads X.if ${PERL_THREADS} == "'define';" XRUN_DEPENDS+= p5-threads-shared>=0:${PORTSDIR}/devel/p5-threads-shared XPERL_THREADS= yes X.endif X.endif X X.if ${PERL_THREADS} != "yes" XEXTRA_PATCHES+= ${FILESDIR}/extra-nothreads X.endif X Xdo-install: X ${INSTALL_SCRIPT} ${WRKSRC}/slowloris.pl ${PREFIX}/bin/slowloris X X.include e4d15b0e829e99f7196201fdaac97698 echo c - slowloris/files mkdir -p slowloris/files > /dev/null 2>&1 echo x - slowloris/files/extra-nothreads sed 's/^X//' >slowloris/files/extra-nothreads << '78942374d7b3c94b1df362e27e97de55' X--- slowloris.pl.orig 2009-06-29 18:05:27.000000000 +0400 X+++ slowloris.pl 2009-07-03 14:31:35.000000000 +0400 X@@ -96,2 +96,2 @@ X- use threads; X- use threads::shared; X+# use threads; X+# use threads::shared; 78942374d7b3c94b1df362e27e97de55 exit --- slowloris.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted: