

THC SSL DOS Tool Released - i-hacker
http://blog.insecure.in/?p=1005

======
smussman
THC's page for this tool can be found at <http://www.thc.org/thc-ssl-dos/>.

They also have a press release of sorts up at
[http://thehackerschoice.wordpress.com/2011/10/24/thc-ssl-
dos...](http://thehackerschoice.wordpress.com/2011/10/24/thc-ssl-dos/).

------
peterwwillis
Seems to me you could just patch the library that handles the secure
renegotiation for an option to keep stats on reneg per client so you can put a
threshold for reneg handshakes per X time. Any more than 100 renegotiated
handshakes in 10 minutes sounds excessive to me (but i'm not sure how often
they're used in the real world)

