Project 16: Attacking Apache with the OWASP HTTP DoS Tool (15 pts.)

Requirements

You will need two machines--they can be physical or virtual, but they must be on the same LAN:

Starting the Apache Web Server

Start the Linux machine and log in. Open a Terminal window. Ping ubuntu.com and make sure you are getting replies. If you are not, you need to fix your networking before you can proceed.

In the Terminal window, execute this command:

service apache2 start

Viewing the Apache Server Status

In the Linux machine, open Firefox. Enter this address: http://localhost/server-status

You should see only one letter in the grid, indicating that only one client is being served at the moment, as shown below on this page.

Getting the OWASP HTTP DoS Tool

If you are using Windows 7 or later, download this file:

http://samsclass.info/123/proj14/HttpDosTool4.0.zip

If you are using Windows 2008 Server, you need to use this old version:

http://samsclass.info/123/proj14/HttpDosTool3.6.zip

Attacking Apache with the OWASP HTTP DoS Tool

The downloaded file is named "HttpDosTool4.0.zip". Unzip it.

If you are using HttpDosTool4.0, A window named "HttpDosTool4.0" appears. Double-click the SwitchBlade4.0 folder to open it. Double-click the gui.exe file.

If you are using HttpDosTool3.6, A window named "HttpDosTool3.6" appears. Double-click the HttpDosTool folder to open it. Double-click the gui.exe file.

The "HTTP attack" window opens, as shown below.

In the URL box, enter http:// followed by the IP address of your Linux Apache server.

Start with these parameters, which are sufficient to bring Apache to a total stop:

Click the "Run attack" button.

Viewing the Apache Server Status

In the Linux machine, in Firefox, click the Refresh button.

Refresh the page every few seconds.

You should see the grid gradually fill with letters, indicating that all possible connections (150) are in use, as shown below on this page.

Saving the Screen Image

Make sure you can see the status grid filled with letters, as shown in the image above on this page.

YOU MUST SUBMIT A FULL-DESKTOP IMAGE FOR FULL CREDIT

Save a screen image with the filename Proj 16 from Your Name.

Stopping the Attack

In the Windows machine, in the "HTTP Attack information" box, click the "Cancel attack" button.

Turning in Your Project

Email the image to cnit.123@gmail.com with a Subject line of Proj 16 from Your Name.


Sources

http://linuxlog.org/?p=135

http://blog.spiderlabs.com/modsecurity/page/2/

http://mdessus.free.fr/?p=7

http://blog.ebizdaddy.com/2010/11/fortify-apache-web-server-with-mod_evasive-and-mod_security-on-ubuntu-10-04-lts-server/

Last modified: 10-27-16