Slow Loris Attack - Computerphile

TL;DR
The Slow Loris attack is a type of Denial of Service (DoS) attack that targets web servers by sending requests incredibly slowly, causing the server to become overloaded.
Transcript
This is not really relevant to the video, actually, but this is a slow loris. I just wanted to show it because it was cute, that's all... Don't keep them as pets though. Now, the slow loris is I guess my favorite Denial of Service (DoS) attack -- now that says a lot about me, doesn't it, that I have a favorite denial of service attack... Before we... Read More
Key Insights
- 👊 The Slow Loris attack is a layer-7 application attack that exploits a vulnerability in the way web servers handle HTTP requests.
- 👊 The attack does not require a large amount of bandwidth and can be performed by a single computer sending requests slowly.
- 👊 Apache web servers are particularly vulnerable to the Slow Loris attack due to their design of creating a new thread for each concurrent connection.
- 👊 The attack is difficult to detect as it mimics normal HTTP requests, making it challenging for firewalls to block it effectively.
- 🐢 Slow Loris and similar low and slow attacks highlight the vulnerability of assuming predictable behavior in protocols and systems.
- 👊 Smaller websites are more susceptible to the impact of Slow Loris attacks, as they have limited resources to handle concurrent connections.
- 👊 The Slow Loris attack can lead to financial losses for businesses whose websites become inaccessible to users during an attack.
Install to Summarize YouTube Videos and Get Transcripts
Explore YouTube Video Summarizer or Get YouTube Transcript Extractor
Questions & Answers
Q: How does the Slow Loris attack differ from traditional DoS attacks?
The Slow Loris attack is a protocol-based attack that exploits the way web servers handle HTTP requests. It sends requests slowly, keeping the server waiting for a response, ultimately overloading it. Traditional DoS attacks aim to overwhelm servers with a large volume of requests.
Q: Can the Slow Loris attack be detected easily?
The Slow Loris attack is challenging to detect because it appears as a normal HTTP request. The attack uses valid HTTP requests, but at an incredibly slow pace, making it difficult for traditional security measures to identify and block it.
Q: Which type of web servers are most vulnerable to the Slow Loris attack?
The Slow Loris attack primarily affects Apache web servers. Apache's design of starting a new thread for each concurrent connection makes it susceptible to the attack as it can lead to the exhaustion of available threads, causing the server to slow down or crash.
Q: How can the Slow Loris attack impact targeted websites?
The Slow Loris attack can have a significant impact on smaller websites by preventing genuine users from accessing the website due to server overload. It can result in financial loss for businesses that rely on their website for sales or customer engagement.
Summary & Key Takeaways
-
The Slow Loris attack is a unique type of DoS attack that exploits a protocol vulnerability and does not require a large amount of bandwidth.
-
Unlike traditional DoS attacks, the Slow Loris attack sends HTTP requests slowly, keeping the connection open for as long as possible, leading to server overload.
-
This attack primarily affects Apache web servers, as their concurrent connection limit can be exceeded by the Slow Loris attack.
Read in Other Languages (beta)
Share This Summary 📚
Summarize YouTube Videos and Get Video Transcripts with 1-Click
Try YouTube Summary with ChatGPT & Claude or YouTube Transcript Generator
Explore More Summaries from Computerphile 📚






Summarize YouTube Videos and Get Video Transcripts with 1-Click
Try YouTube Summary with ChatGPT & Claude or YouTube Transcript Generator