Web Timeouts and Their Implications

Download Now Free registration required

Executive Summary

Timeouts play a fundamental role in network protocols, controlling numerous aspects of host behavior at different layers of the protocol stack. Previous work has documented a class of Denial of Service (DoS) attacks that leverage timeouts to force a host to preserve state with a bare minimum level of interactivity with the attacker. This paper considers the vulnerability of operational Web servers to such attacks by comparing timeouts implemented in servers with the normal Web activity that informs the understanding as to the necessary length of timeouts.

  • Format: PDF
  • Size: 140.8 KB