           SPELL=slowhttptest
         VERSION=1.4
          SOURCE=$SPELL-$VERSION.tar.gz
SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-$VERSION"
   SOURCE_URL[0]=http://slowhttptest.googlecode.com/files/$SOURCE
     SOURCE_HASH=sha512:7110727b6955bd62d532b0cfa5768450e0106e9fd935fa59991fcf276b2e571cf96d268cb09e251c08c619240062b2f053f954d1fdb3596e829a7f06873fe0cf
        WEB_SITE=http://code.google.com/p/slowhttptest/
     GATHER_DOCS=off
      LICENSE[0]=APACHE
         ENTERED=20120427
        KEYWORDS="net"
           SHORT="application layer DoS attack simulator"
cat << EOF
SlowHTTPTest is a highly configurable tool that simulates some Application Layer
Denial of Service attacks.

It implements most common low-bandwidth Application Layer DoS attacks, such as
slowloris, Slow HTTP POST, Slow Read attack (based on TCP persist timer exploit)
by draining concurrent connections pool, as well as Apache Range Header attack
by causing very significant memory and CPU usage on the server.

Slowloris and Slow HTTP POST DoS attacks rely on the fact that the HTTP protocol,
by design, requires requests to be completely received by the server before they
are processed. If an HTTP request is not complete, or if the transfer rate is
very low, the server keeps its resources busy waiting for the rest of the data.
If the server keeps too many resources busy, this creates a denial of service.
This tool is sending partial HTTP requests, trying to get denial of service from
target HTTP server.

Slow Read DoS attack aims the same resources as slowloris and slow POST, but
instead of prolonging the request, it sends legitimate HTTP request and reads
the response slowly.
EOF
