THC SSL DDOS Leaves SSL Sites Vulnerable
How It Works?
THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors have been aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure renegotiation feature to trigger thousands of renegotiations via a single TCP connection.
Windows binary: thc-ssl-dos-1.4-win-bin.zip
Unix Source : thc-ssl-dos-1.4.tar.gz
Usage: ./thc-ssl-dos Target 443 (or any other SSL-enabled port).
As this is a protocol-based flaw, it cannot be completely avoided, but the best mitigation technique is to disable SSL renegotiation, as the exploit purely targets SSL renegotiation.
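To spot the pattern described above (many renegotiations on a single TCP connection) from the server side, the following Python detector is an added example, not part of the original post or of the THC tool. The log format (`<epoch seconds> <client ip:port> <event>`), the window and the threshold are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10  # assumed sliding-window length
MAX_RENEGS = 5       # assumed tolerated renegotiations per window

def parse_line(line):
    """Return (timestamp, connection, event), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 3:
        return None
    try:
        return float(parts[0]), parts[1], parts[2]
    except ValueError:
        return None

def find_reneg_floods(lines, window=WINDOW_SECONDS, limit=MAX_RENEGS):
    """Return {connection: peak renegotiations in one window} for offenders."""
    established = set()           # connections whose initial handshake was seen
    recent = defaultdict(deque)   # connection -> timestamps of renegotiations
    peaks = {}
    for record in filter(None, map(parse_line, lines)):
        ts, conn, event = record
        if event == "close":      # port may be reused later, so forget state
            established.discard(conn)
            recent.pop(conn, None)
        elif event == "handshake" and conn not in established:
            established.add(conn) # first handshake is the normal one
        elif event == "handshake":
            q = recent[conn]
            q.append(ts)
            while ts - q[0] > window:   # drop entries older than the window
                q.popleft()
            if len(q) > limit:
                peaks[conn] = max(peaks.get(conn, 0), len(q))
    return peaks

# Constructed sample: one client renegotiates 8 times in 4 s on one connection,
# another renegotiates once after a minute; the last line is malformed.
SAMPLE_LOG = (
    ["100.0 198.51.100.7:40112 handshake"]
    + [f"{100.5 + i * 0.5} 198.51.100.7:40112 handshake" for i in range(8)]
    + ["101.0 203.0.113.20:51544 handshake",
       "160.0 203.0.113.20:51544 handshake",
       "161.0 203.0.113.20:51544 close",
       "not a log line"]
)

if __name__ == "__main__":
    for conn, peak in find_reneg_floods(SAMPLE_LOG).items():
        print(f"{conn}: {peak} renegotiations within {WINDOW_SECONDS}s")
```

Lines for a given connection are expected in time order; tune the window and threshold to the renegotiation rate legitimate clients actually show.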