F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Benjamin_9036's avatar
Benjamin_9036
Historic F5 Account
Jun 19, 2009
Heya,

 

 

I spent some time testing this yesterday, in fact. Since the ASM acts as a full proxy, the connections are never opened to the pool members. Watching Slowloris traffic on the wire showed that it consumed threads by sending a POST with a Content-Length that it never fulfilled. Since ASM doesn't open a connection to the servers until it has received, parsed, and approved (based on the security policy), and Slowloris never completes its request the ASM never opens a connection to the servers. Since the point of Slowloris is to not simply DoS by volume (the default number of sockets is only 500), this should probably not cause any problems.

 

 

// Ben