Re: "download" caps

From: Jp Wise (jpwiseat_private)
Date: Wed Nov 27 2002 - 03:22:28 PST

Next message: Michael: "Motorola T900 Programming"

Previous message: r00t: "Re: CounterStrike (HalfLife?) Server possible DoS attack."
In reply to: Peter Gutmann: "Re: "download" caps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Likewise as Peter said, traffic here in New Zealand (and I believe most of
Australia also) has already moved most of the plans to a byte charged system.

The user purchases an account with xyz MB/month, over & above that they pay so many
cents per MB. Some having a different charging rate for national vs. international
traffic. The national traffic being cheaper.

Both the Cable & ADSL providers in NZ work around that philosphy.

I've personally encountered exactly what you described. I ended up loosing 500mb on
a 10gig/month plan at one stage, when someone decided to perform a mini DDOS. 500mb
in 2 mins, on a 128kbit/s link. Most of the data never reached me, but as far as
the ISP was concerned it was destined for me, so I get the bill for it. I should
probably consider myself lucky they didn't leave it going for a couple of hours.
But it's a case in point example of how easily it could affect someone.

Not quite a vuln-dev type thing, but a seemingly steady trend in the ISP market.

Jp.

Peter Gutmann wrote:

> J Edgar Hoover <zorchat_private> writes:
>
> >I'm wondering if you could effectively DoS a capped account for a month by
> >sending a lot of unrequested data.
>
> This has happened quite a lot here, with full-rate accounts where you get
> charged for traffic over a certain level, and rate-limited accounts with no
> charges.  The traffic is billed based on what heads your way at the DSLAM, so
> you end up being billed for syn floods, traffic aimed at whoever last had your
> IP, etc etc etc.  There are no figures on this, but from anecdotal evidence a
> large number of users are abandoning full-rate for rate-limited DSL which
> doesn't have this problem (I switched after DSLAM records showed I'd done
> 130MB of traffic in two days while my external router recorded < 30MB).  It's
> a pain for everyone, users go from 8MB/s to 128Kb/s, and the provider loses a
> lot of revenue when people switch to the DOS-proof non-capped (and much cheaper
> because of the slow speed) accounts.  One possible solution is to run at full
> rate until you've used your monthly quota, then switch to rate-limited, but
> apparently the DSLAM technology being used makes this impossible.
>
> Peter.

Next message: Michael: "Motorola T900 Programming"
Previous message: r00t: "Re: CounterStrike (HalfLife?) Server possible DoS attack."
In reply to: Peter Gutmann: "Re: "download" caps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Nov 29 2002 - 19:40:10 PST