Low and Slow

Instead of generating a sudden burst in traffic volume, Low and Slow attacks, also known as low rate, fly under the radar. The aim is to tie up every connection with slow requests, preventing genuine traffic from accessing the application or server. Common methods include sending partial HTTP requests and sending small data packets or “keep alive” messages to keep the session from going idle or timing out. These attack vectors are not only hard to block, but also to detect.

There are several known tools that are available for perpetrators to launch low and slow attacks including Slowloris, SlowPOST, SlowHTTPTest, Tor’sHammer, R.U.Dead.Yet and LOIC.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center