Looking for information about mitigating attacks made by PyLoris, a similar tool to Slowloris. Do the irule suggestions on the F5 site for mitigating Slowloris apply to this tool as well? If not, are there non-ASM mitigation strategies?
PyLoris is SlowLoris rewritten in Python to provide a couple of tweaks. Essentially, any setup that causes the BigIP to read data from the client before it opens a connection to a pool member, and times out idle/slow connections in a reasonable time then both CLowLoris and PyLoris are defeated.
The existing iRules specified in Solution 10260 will mitigate this attack for LTM.