rf0914

Pinned topic slow http header on qualys scan

‏2011-09-27T13:56:57Z |
I am running WebSEAL/TAM 6.0. We regularly run a Qualys scan and I receive the following from Qualys:

Slow HTTP headers vulnerability.

Web Application is vulnerable to slow HTTP headers DDoS attack.
Has anyone ever seen this and if so, how is it fixed?

Thanks
  • DaveArnold

    Re: slow http header on qualys scan

    ‏2013-05-13T10:35:19Z  

    Did you find a resolution for this?

    We have just had the same Qualys scan results.

    It can be fixed in the IHS instances using the "mod_reqtimeout" module, but there is nothing in the documentation for the internal WAS HTTP servers.

     

  • PB Point

    Re: slow http header on qualys scan

    ‏2013-05-20T15:30:39Z  

     

    If you are using Apache, the recommendations on how to harden the server can be found here: 
     
     
    WAS is doing a passive test, which means it analyzes the server response timings to abnormal requests and makes an evaluation based on this information.
     
    To actively test if they are vulnerable - you can use slowhttptest mentioned in the above article - but this should only be done during a maintenance window for the site or in a separate QA environment as it can DoS the server pretty easily if the configuration is not set correctly.
     
    Contact support@qualys.com if you have further issues/questions - we're here to help.
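
A single-connection check for confirming that a header read timeout (for example one set with mod_reqtimeout) is actually enforced, added here as an example; it was not posted by anyone in this thread and is not Qualys code. It sends one request whose header block never ends and times how long the server waits. The names `header_hold_time` and `assess` and the 40-second limit are assumptions chosen for illustration.

```python
import socket
import ssl
import time


def header_hold_time(host, port, max_wait=60.0, tls=False):
    """Send one request whose headers never finish; time the server's reaction.

    Returns (seconds, outcome): "closed" (server dropped the connection),
    "responded" (server sent something, e.g. a 408) or "still-open"
    (server was still waiting after max_wait seconds).
    """
    sock = socket.create_connection((host, port), timeout=10)
    try:
        if tls:
            ctx = ssl.create_default_context()
            sock = ctx.wrap_socket(sock, server_hostname=host)
        # Deliberately no final "\r\n": the header block is left incomplete.
        sock.sendall(f"GET / HTTP/1.1\r\nHost: {host}\r\nX-Probe: 1\r\n".encode())
        start = time.monotonic()
        sock.settimeout(max_wait)
        try:
            data = sock.recv(1024)
        except socket.timeout:
            return time.monotonic() - start, "still-open"
        except ConnectionResetError:
            return time.monotonic() - start, "closed"
        return time.monotonic() - start, "responded" if data else "closed"
    finally:
        sock.close()


def assess(seconds, outcome, limit=40.0):
    """Classify the measurement; limit is an assumed policy threshold."""
    if outcome == "still-open" or seconds > limit:
        return "no effective header timeout"
    return "header timeout enforced"


if __name__ == "__main__":
    import sys
    host, port = sys.argv[1], int(sys.argv[2])
    secs, outcome = header_hold_time(host, port, tls=(port == 443))
    print(f"{host}:{port} {outcome} after {secs:.1f}s -> {assess(secs, outcome)}")
```

Run it before and after changing the server configuration; the measured time should drop to roughly the configured header timeout.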