An anonymous reader writes: The attack is new in that it uses reading rather than POST, and limits the server response, filling up the write buffer on the server end. There are other recent attack tools that do something similar, but this tool achieves it just by limiting the response with an ACK that sends a low or zero window value. Sockstress does this, but it uses raw sockets; this attack is simpler because it only uses the TCP Sockets API. So, the vulnerability isn't new; the attack style is an evolution of the slow attack approach. It's still worth noting because of the large number of websites that are potentially vulnerable to this and the relatively low bandwidth requirements of the attack.