What is a Slowloris Attack?
Slowloris is a type of DDoS attack. Slowloris is distinctly different from others in that this tool is not a TCP DoS; rather, it uses perfectly legitimate HTTP traffic. It makes a full TCP connection and then requires only a few hundred requests at long term and regular intervals. As a result, the tool doesn't need to send a lot of traffic to exhaust the available connections on a server. Eventually all the connections will be used up and no other server will be able to connect until at least some of the held connections are released. This makes it possible for hackers with limited traffic resources to successfully mount an attack.
HOW TO PROTECT AGAINST SLOWLORIS:
The best protection against what some have called "death by partial request" is to use a real-time denial of service solution that can quickly figure out what's going on with the HTTP traffic and mitigate it.
Additional & Related Information: