Update techniques/slowloris/slowloris_resource_exhaustion.md
This commit is contained in:
parent
03a44fea84
commit
b426b2346b
|
|
@ -6,7 +6,7 @@ The Church of Malware (CoM) does not condone the use or introduction of primates
|
||||||
|
|
||||||
Slowloris, originally published in 2009, is a low-bandwidth denial-of-service technique that opens many partial HTTP connections and keeps them alive by sending incomplete requests at a very slow rate (bytes per minute). The target server's connection table fills while legitimate traffic is starved.
|
Slowloris, originally published in 2009, is a low-bandwidth denial-of-service technique that opens many partial HTTP connections and keeps them alive by sending incomplete requests at a very slow rate (bytes per minute). The target server's connection table fills while legitimate traffic is starved.
|
||||||
|
|
||||||
In the context of content protection, the polarity is reversed: the *origin server* deliberately slows or fragments responses exclusively to non-compliant user-agents. The effect on the scraper is identical—its worker threads or connection pools are tied up for minutes per request—while the creator's bandwidth cost remains near zero.
|
In the context of content protection, the polarity is reversed: the *origin server* deliberately slows or fragments responses exclusively to non-compliant user-agents. The effect on the scraper is identical, its worker threads or connection pools are tied up for minutes per request while the creator's bandwidth cost remains near zero.
|
||||||
|
|
||||||
### 1.1 -- Variants Applicable to Individual Operators
|
### 1.1 -- Variants Applicable to Individual Operators
|
||||||
- **Classic Slowloris response**: Server accepts the request but transmits the response body at ~1 byte/second.
|
- **Classic Slowloris response**: Server accepts the request but transmits the response body at ~1 byte/second.
|
||||||
|
|
@ -22,7 +22,7 @@ Modern AI ingestion systems are optimized for throughput:
|
||||||
- Short timeouts on individual requests.
|
- Short timeouts on individual requests.
|
||||||
- Reliance on connection reuse and HTTP/2 multiplexing.
|
- Reliance on connection reuse and HTTP/2 multiplexing.
|
||||||
|
|
||||||
A single slow response can block an entire worker for the duration of the timer (commonly 30–120 seconds). At scale, this multiplies into significant cloud billing spikes or job queue backlogs—exactly the economic signal described in the primary dissertation.
|
A single slow response can block an entire worker for the duration of the timer (commonly 30–120 seconds). At scale, this multiplies into significant cloud billing spikes or job queue backlogs exactly the economic signal described in the primary dissertation.
|
||||||
|
|
||||||
## 2 -- Protecting Individual Creative Output
|
## 2 -- Protecting Individual Creative Output
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user