Project 16: Attacking Apache with the OWASP HTTP DoS Tool (15 pts.)

Requirements

You will need two machines--they can be physical or virtual, but they must be on the same LAN:

Starting the Apache Web Server

Start the Linux machine and log in. Open a Terminal window. Ping ubuntu.com and make sure you are getting replies. If you are not, you need to fix your networking before you can proceed.

In the Terminal window, execute this command:

service apache2 start

Viewing the Apache Server Status

In the Linux machine, open Firefox. Enter this address: http://localhost/server-status

You should see only one letter in the grid, indicating that only one client is being served at the moment, as shown below on this page.

Getting the OWASP HTTP DoS Tool

On the Windows machine, open a browser and go to http://www.proactiverisk.com/home/proactivetools

Download the "Switchblade Denial of Service" tool, as shown below.

Alternate Download Link

If the tool is no longer there, use this alternate download link:

http://samsclass.info/123/proj14/HttpDosTool4.0.zip

Attacking Apache with the OWASP HTTP DoS Tool

The downloaded file is named "HttpDosTool4.0.zip". Unzip it.

A window named "HttpDosTool4.0" appears. Double-click the SwitchBlade4.0 folder to open it. Double-click the gui.exe file. The "HTTP attack" window opens, as shown below.

In the URL box, enter http:// followed by the IP address of your Linux Apache server.

Start with these parameters, which are sufficient to bring Apache to a total stop:

Click the "Run attack" button. You should see the "HTTP Attack information" box, as shown below on this page.

Viewing the Apache Server Status

In the Linux machine, in Firefox, click the Refresh button. If the page does not load, you may have to stop the attack briefly to get the session started, and then restart the attack, and then refresh the Firefox page.

You should see the grid full of letters, indicating that all possible connections (150) are in use, as shown below on this page.
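
The same condition can be watched without a browser, because mod_status also serves a machine-readable form at http://localhost/server-status?auto. The script below is an added example, not part of the original project: it parses that output and flags when the worker pool is nearly full. The 150-slot limit comes from this page; the 90% threshold, the function names and the sample text are assumptions constructed for illustration.

```python
"""Parse mod_status '?auto' output and flag worker-pool saturation."""
from collections import Counter

# Scoreboard key as documented by Apache mod_status.
STATES = {
    "_": "waiting for connection", "S": "starting up", "R": "reading request",
    "W": "sending reply", "K": "keepalive", "D": "DNS lookup",
    "C": "closing connection", "L": "logging", "G": "gracefully finishing",
    "I": "idle cleanup", ".": "open slot",
}

def parse_auto(text):
    """Return {field: value} from the 'Key: value' lines of server-status?auto."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def assess(text, max_workers=150, threshold=0.9):
    """Summarise the scoreboard; 'saturated' is True when busy/max >= threshold."""
    board = parse_auto(text).get("Scoreboard", "")
    if not board:
        raise ValueError("no Scoreboard line; is mod_status enabled?")
    unknown = set(board) - set(STATES)
    if unknown:
        raise ValueError(f"unexpected scoreboard characters: {sorted(unknown)}")
    counts = Counter(board)
    # Busy here means any slot that is neither idle ('_') nor open ('.').
    busy = sum(n for ch, n in counts.items() if ch not in "_.")
    top = max((ch for ch in counts if ch not in "_."), key=counts.get, default=None)
    return {
        "busy": busy,
        "idle": counts["_"],
        "utilisation": busy / max_workers,
        "saturated": busy / max_workers >= threshold,
        "dominant_state": STATES.get(top),
    }

# Constructed samples (assumed for illustration, not captured from a real server).
QUIET = "BusyWorkers: 1\nIdleWorkers: 9\nScoreboard: W_________" + "." * 140
FULL = "BusyWorkers: 150\nIdleWorkers: 0\nScoreboard: " + "R" * 138 + "W" * 8 + "K" * 4

if __name__ == "__main__":
    for name, sample in (("quiet", QUIET), ("full", FULL)):
        print(name, assess(sample))
```

On a live server, feed the function the body returned by the ?auto URL instead of the constructed samples; the dominant state tells you what the occupied workers are doing when the grid fills up.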

Saving the Screen Image

Make sure you can see the status grid filled with letters, as shown in the image above on this page.

Save a screen image with the filename Proj 16 from Your Name.

Stopping the Attack

In the Windows machine, in the "HTTP Attack information" box, click the "Cancel attack" button.

Turning in Your Project

Email the image to [email protected] with a Subject line of Proj 16 from Your Name.


Last modified: 9-13-14 11:45 am