Low and Slow


Instead of generating a sudden burst in traffic volume, Low and Slow attacks, also known as low rate, fly under the radar. The aim is to tie up every connection with slow requests, preventing genuine traffic from accessing the application or server. Common methods include sending partial HTTP requests and sending small data packets or “keep alive” messages to keep the session from going idle or timing out. These attack vectors are not only hard to block, but also to detect.

There are several known tools that are available for perpetrators to launch low and slow attacks including Slowloris, SlowPOST, SlowHTTPTest, Tor’sHammer, R.U.Dead.Yet and LOIC.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support

Get Social

Connect with experts and join the conversation about Radware technologies.

Radware Blog
Security Research Center