in reply to Re: LWP Slow Get
in thread LWP Slow Get

That's on the wrong end, if I understand the remark about IDS penetration testing. He wants to send the HTTP GET request slowly over a long time to see if the remote side notices the suspicious request or not (although I'd think that any sane IDS would be reconstructing things on the TCP connection level and looking at the stream as a whole regardless of how long it takes (of course that ups the resource requirements in that you've got to maintain that context until it is a complete request, or complete enough to tell if it's hostile or not) in order to avoid this sort of weakness; but then maybe that's what they're trying to ascertain).

Replies are listed 'Best First'.
Re^3: LWP Slow Get
by stanislav5000 (Novice) on Apr 03, 2007 at 19:08 UTC
    You're right on, Fletch. Check this out. It appears to work, but I have to take a quick capture to verify: 
    #!/usr/bin/perl -w
use IO::Socket;
unless (@ARGV > 1) { die "usage: $0 host document ..." }
$host = shift(@ARGV);
$get = "GET / HTTP/1.0\n\n";
    $remote = IO::Socket::INET->new( Proto     => "tcp",
                                     PeerAddr  => $host,
                                     PeerPort  => "http(80)",
                                    );
    unless ($remote) { die "cannot connect to http daemon on $host" }
    $remote->autoflush(1);
    @lines = split(//,$get);
    foreach $singlechar (@lines) {
    print $remote $singlechar;
    sleep(1);
    #while ( <$remote> ) { print }
    }
    close $remote;

    [download]
[reply]
[d/l]

In Section Seekers of Perl Wisdom