From root@undeliverable.renatasystems.org  Fri Jul  3 12:14:49 2009
Return-Path: <root@undeliverable.renatasystems.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D181E1065673
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  3 Jul 2009 12:14:49 +0000 (UTC)
	(envelope-from root@undeliverable.renatasystems.org)
Received: from hs-9.renatasystems.org (hs-9.renatasystems.org [83.222.5.149])
	by mx1.freebsd.org (Postfix) with SMTP id 11E0D8FC12
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  3 Jul 2009 12:14:48 +0000 (UTC)
	(envelope-from root@undeliverable.renatasystems.org)
Received: (qmail 26544 invoked by uid 0); 3 Jul 2009 16:14:46 +0400
Message-Id: <20090703121446.26543.qmail@hs-9.renatasystems.org>
Date: 3 Jul 2009 16:14:46 +0400
From: Alexey V.Degtyarev <alexey@renatasystems.org>
Reply-To: Alexey V.Degtyarev <alexey@renatasystems.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: New port: benchmarks/slowloris - HTTP client to test webservers over denial-of-service attacks
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         136281
>Category:       ports
>Synopsis:       New port: benchmarks/slowloris - HTTP client to test webservers over denial-of-service attacks
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    pgollucci
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jul 03 12:20:05 UTC 2009
>Closed-Date:    Mon Jul 13 22:43:14 UTC 2009
>Last-Modified:  Mon Jul 13 22:50:01 UTC 2009
>Originator:     Alexey V. Degtyarev
>Release:        FreeBSD 7.1-RELEASE amd64
>Organization:
>Environment:
System: FreeBSD renatasystems.org 7.1-RELEASE FreeBSD 7.1-RELEASE #0: Thu Jan 1 08:58:24 UTC 2009 root@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64


	
>Description:
Slowloris both helps identify the timeout windows of a HTTP server or Proxy
server, can bypass httpready protection and ultimately performs a fairly low
bandwidth denial of service.  It has the added benefit of allowing the server
to come back at any time (once the program is killed), and not spamming the
logs excessively.  It also keeps the load nice and low on the target server, so
other vital processes don't die unexpectedly, or cause alarm to anyone who is
logged into the server for other reasons.

The main audience using slowloris is of course a system administrators wanting
to measure their webserver's performance and vulnerability.

WWW: http://ha.ckers.org/slowloris/
>How-To-Repeat:
	
>Fix:

	

--- slowloris.shar begins here ---
# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	slowloris
#	slowloris/pkg-descr
#	slowloris/distinfo
#	slowloris/Makefile
#	slowloris/files
#	slowloris/files/extra-nothreads
#
echo c - slowloris
mkdir -p slowloris > /dev/null 2>&1
echo x - slowloris/pkg-descr
sed 's/^X//' >slowloris/pkg-descr << '35d5a4b2e9f67caad838f1e76b0c8bad'
XSlowloris both helps identify the timeout windows of a HTTP server or Proxy
Xserver, can bypass httpready protection and ultimately performs a fairly low
Xbandwidth denial of service.  It has the added benefit of allowing the server
Xto come back at any time (once the program is killed), and not spamming the
Xlogs excessively.  It also keeps the load nice and low on the target server, so
Xother vital processes don't die unexpectedly, or cause alarm to anyone who is
Xlogged into the server for other reasons.
X
XThe main audience using slowloris is of course a system administrators wanting
Xto measure their webserver's performance and vulnerability.
X
XWWW: http://ha.ckers.org/slowloris/
35d5a4b2e9f67caad838f1e76b0c8bad
echo x - slowloris/distinfo
sed 's/^X//' >slowloris/distinfo << '2a074b7961c4d986b16d1fda8fa94900'
XMD5 (slowloris-0.7.tar.gz) = e2f11939daccc1c623acda7ab337ec1b
XSHA256 (slowloris-0.7.tar.gz) = 72aa764570bc5c7c97caca585cdc67dcfd731ca0184e01d81ceb3917e4b04ff9
XSIZE (slowloris-0.7.tar.gz) = 6306
2a074b7961c4d986b16d1fda8fa94900
echo x - slowloris/Makefile
sed 's/^X//' >slowloris/Makefile << 'e4d15b0e829e99f7196201fdaac97698'
X# New ports collection makefile for:	slowloris
X# Date created:				Fri 03 Jul 2009
X# Whom:					Alexey V. Degtyarev
X#
X# $FreeBSD$
X#
X
XPORTNAME=	slowloris
XPORTVERSION=	0.7
XCATEGORIES=	benchmarks
XMASTER_SITES=	ftp://ftp.renatasystems.org/pub/FreeBSD/ports/distfiles/
X
XMAINTAINER=	alexey@renatasystems.org
XCOMMENT=	The low bandwidth, yet greedy and poisonous HTTP client
X
XUSE_PERL5=	yes
XNO_BUILD=	yes
X
XRUN_DEPENDS=	p5-IO-Socket-SSL>=0:${PORTSDIR}/security/p5-IO-Socket-SSL \
X		p5-Getopt-Long>=0:${PORTSDIR}/devel/p5-Getopt-Long
X
XPLIST_FILES=	bin/slowloris
X
X.include <bsd.port.pre.mk>
X
XPERL_THREADS=	no
X
X.if exists(${PERL})
XPERL_THREADS!=  ${PERL} -V::usethreads
X.if ${PERL_THREADS} == "'define';"
XRUN_DEPENDS+=	p5-threads-shared>=0:${PORTSDIR}/devel/p5-threads-shared
XPERL_THREADS=	yes
X.endif
X.endif
X
X.if ${PERL_THREADS} != "yes"
XEXTRA_PATCHES+=	${FILESDIR}/extra-nothreads
X.endif
X
Xdo-install:
X	${INSTALL_SCRIPT} ${WRKSRC}/slowloris.pl ${PREFIX}/bin/slowloris
X
X.include <bsd.port.post.mk>
e4d15b0e829e99f7196201fdaac97698
echo c - slowloris/files
mkdir -p slowloris/files > /dev/null 2>&1
echo x - slowloris/files/extra-nothreads
sed 's/^X//' >slowloris/files/extra-nothreads << '78942374d7b3c94b1df362e27e97de55'
X--- slowloris.pl.orig	2009-06-29 18:05:27.000000000 +0400
X+++ slowloris.pl	2009-07-03 14:31:35.000000000 +0400
X@@ -96,2 +96,2 @@
X-    use threads;
X-    use threads::shared;
X+#    use threads;
X+#    use threads::shared;
78942374d7b3c94b1df362e27e97de55
exit
--- slowloris.shar ends here ---


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->pgollucci 
Responsible-Changed-By: pgollucci 
Responsible-Changed-When: Wed Jul 8 03:21:59 UTC 2009 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=136281 
State-Changed-From-To: open->closed 
State-Changed-By: pgollucci 
State-Changed-When: Mon Jul 13 22:43:12 UTC 2009 
State-Changed-Why:  
Committed. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=136281 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/136281: commit references a PR
Date: Mon, 13 Jul 2009 22:40:30 +0000 (UTC)

 pgollucci    2009-07-13 22:40:20 UTC
 
   FreeBSD ports repository
 
   Modified files:
     benchmarks           Makefile 
   Added files:
     benchmarks/slowloris Makefile distinfo pkg-descr 
     benchmarks/slowloris/files extra-nothreads 
   Log:
   Slowloris both helps identify the timeout windows of a HTTP server or Proxy
   server, can bypass httpready protection and ultimately performs a fairly low
   bandwidth denial of service.  It has the added benefit of allowing the server
   to come back at any time (once the program is killed), and not spamming the
   logs excessively.  It also keeps the load nice and low on the target server, so
   other vital processes don't die unexpectedly, or cause alarm to anyone who is
   logged into the server for other reasons.
   
   The main audience using slowloris is of course a system administrators wanting
   to measure their webserver's performance and vulnerability.
   
   WWW: http://ha.ckers.org/slowloris/
   
   PR:             ports/136281
   Submitted by:   Alexey V. Degtyarev
   
   Revision  Changes    Path
   1.66      +1 -0      ports/benchmarks/Makefile
   1.1       +43 -0     ports/benchmarks/slowloris/Makefile (new)
   1.1       +3 -0      ports/benchmarks/slowloris/distinfo (new)
   1.1       +7 -0      ports/benchmarks/slowloris/files/extra-nothreads (new)
   1.1       +12 -0     ports/benchmarks/slowloris/pkg-descr (new)
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
