PyLoris is a scriptable tool for testing a service's level of vulnerability to a particular class of Denial of Service (DoS) attack. Any service that places restrictions on the total number of simultaneous TCP connections has the potential for vulnerability to PyLoris. Additionally, services that handle connections in independent threads, services that poorly manage concurrent connections, and services that have high memory footprint per connection are prone to this form of vulnerability.
I came across a wonderful idea on Hack a Day recently: a Denial of Service attack that overwhelms only the service under attack. After reading through RSnake's twowriteups, I decided to take a swing at the code. Thus PyLoris was born.
While stomping around the cDc blog, I came across the Eve. Eve is a network traffic analyzer which gifts its users with a 3D visual representation of the network traffic as it is happening. To be honest the moment I read this a little part of me screamed for joy. I rushed through the site and downloaded the trial version.
I would just like to once again express how unequivocally pleased I am that Microsoft has produced free versions of their Visual Studio IDE, aptly titled Visual Studio Express. A product such as this is a boon to both the software megalith and individual developers alike. It allows would-be developers the freedom to explore the options at hand, without the moral dilemma of pirating software.
