emerson.c.tanat_private wrote: > > An easy method would be to break up the estimated 196K infections accross a > statistical average of bandwidth accross the internet (excluding dial up's > as these are not likely to be terribly effective in the attack, nor are > they likely to have the right operating systems installed. In the vast > majority of cases we are talking about servers and permanently connected > workstations). A <Scientific Wild Ass Guess> guess is the figure is in the > order of 1-10 's of meg per second. I was unable to find any good reliable > statistics about this sort of thing and if someone can point me in the > right direction I can do the analysis and see how it compares with what we > see tommorow. > Bandwidth generally won't be a problem, at least not all the way at the client end. For a SWAG, use a 128kbps link. It's probably fair to assume that many IIS servers will be on high-speed links. 128,000 bps * 1/8 B/b * 60 s/min * 60 min/hr * 24 hr/day = more than 1.3 GB/day. Or, 128Kbps * 10,000 attacking web servers = 1.2Gbps, or about 2 OC-12s. BB
This archive was generated by hypermail 2b30 : Thu Jul 19 2001 - 16:26:26 PDT