Vulnerability scan show slowloris vulnerability

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
clebourgeois
Posts: 6
Joined: Fri Jul 21, 2017 3:29 pm

Vulnerability scan show slowloris vulnerability

Post by clebourgeois » Mon Apr 08, 2019 5:06 pm

How is everyone else handling things like slowloris? I would assume it be more of an http request timeout to handle the incomplete HTTP requests but I am having a problem deciphering which setting, if any, would mitigate the attack.

Instead of trying several settings related to connection timeouts I thought you may know the easy answer.

clebourgeois
Posts: 6
Joined: Fri Jul 21, 2017 3:29 pm

Re: Vulnerability scan show slowloris vulnerability

Post by clebourgeois » Mon Apr 08, 2019 5:52 pm


clebourgeois
Posts: 6
Joined: Fri Jul 21, 2017 3:29 pm

Re: Vulnerability scan show slowloris vulnerability

Post by clebourgeois » Mon Apr 08, 2019 5:59 pm

Some settings I was planning on playing with.

uint MaxConnectionsPerIP
uint MaxUnestablishedConnections
uint max_sessions
uint max_sessions_client

clebourgeois
Posts: 6
Joined: Fri Jul 21, 2017 3:29 pm

Re: Vulnerability scan show slowloris vulnerability

Post by clebourgeois » Wed Apr 10, 2019 2:14 pm

155 views and no ideas?

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: Vulnerability scan show slowloris vulnerability

Post by cedar » Tue Jun 04, 2019 9:39 am

MaxConnectionsPerIP doesn't work?

Post Reply