312-50V10 · Question #938
A DDOS attack is performed at layer 7 to take down web infrastructure. Partial HTTP requests are sent to the web infrastructure or applications. Upon receiving a partial request, the target servers op
The correct answer is A. Slowloris attack. A Slowloris attack is a Layer 7 DoS technique that keeps web server connections open by sending partial HTTP requests, exhausting the server's connection pool.
Question
A DDOS attack is performed at layer 7 to take down web infrastructure. Partial HTTP requests are sent to the web infrastructure or applications. Upon receiving a partial request, the target servers opens multiple connections and keeps waiting for the requests to complete. Which attack is being described here?
Options
- ASlowloris attack
- BSession splicing
- CPhlashing
- DDesynchronization
How the community answered
(57 responses)- A88% (50)
- B7% (4)
- C4% (2)
- D2% (1)
Why each option
A Slowloris attack is a Layer 7 DoS technique that keeps web server connections open by sending partial HTTP requests, exhausting the server's connection pool.
Slowloris works by initiating many HTTP connections to a target server and sending partial request headers very slowly, causing the server to hold each connection open while waiting for the request to complete. Because the server's maximum concurrent connection limit becomes saturated by these never-completing requests, it becomes unavailable to legitimate users - all without requiring significant bandwidth from the attacker.
Session splicing is an IDS/IPS evasion technique that fragments malicious payloads across multiple TCP packets to bypass signature detection, and is unrelated to exhausting server connections via partial HTTP requests.
Phlashing is a permanent denial-of-service attack that corrupts a device's firmware to cause irreversible hardware damage, and has no relationship to HTTP request manipulation or web server resource exhaustion.
Desynchronization is a TCP session hijacking technique that injects forged packets to disrupt sequence number synchronization between two communicating hosts, not a method of holding server connections open via incomplete requests.
Concept tested: Slowloris Layer 7 partial HTTP DoS attack mechanism
Source: https://owasp.org/www-community/attacks/Slow_HTTP_Attack
Topics
Community Discussion
No community discussion yet for this question.