Hi all,
I've just done a quick vulnerability scan on my web server and it seems to be open to the "slow http post attack". Apparently it's similar to the "slowloris" attack (to which IIS is NOT vulnerable) but this one apparently does affect IIS.
Does anyone have any advice about how to close the vulnerability on IIS? (I'm a little surprised how hard it seems to find any info about this supposed vulnerability.) I'm running IIS 7.5 by the way.
Thanks very much!
RS