Likewise as Peter said, traffic here in New Zealand (and I believe most of Australia also) has already moved most of the plans to a byte charged system. The user purchases an account with xyz MB/month, over & above that they pay so many cents per MB. Some having a different charging rate for national vs. international traffic. The national traffic being cheaper. Both the Cable & ADSL providers in NZ work around that philosphy. I've personally encountered exactly what you described. I ended up loosing 500mb on a 10gig/month plan at one stage, when someone decided to perform a mini DDOS. 500mb in 2 mins, on a 128kbit/s link. Most of the data never reached me, but as far as the ISP was concerned it was destined for me, so I get the bill for it. I should probably consider myself lucky they didn't leave it going for a couple of hours. But it's a case in point example of how easily it could affect someone. Not quite a vuln-dev type thing, but a seemingly steady trend in the ISP market. Jp. Peter Gutmann wrote: > J Edgar Hoover <zorchat_private> writes: > > >I'm wondering if you could effectively DoS a capped account for a month by > >sending a lot of unrequested data. > > This has happened quite a lot here, with full-rate accounts where you get > charged for traffic over a certain level, and rate-limited accounts with no > charges. The traffic is billed based on what heads your way at the DSLAM, so > you end up being billed for syn floods, traffic aimed at whoever last had your > IP, etc etc etc. There are no figures on this, but from anecdotal evidence a > large number of users are abandoning full-rate for rate-limited DSL which > doesn't have this problem (I switched after DSLAM records showed I'd done > 130MB of traffic in two days while my external router recorded < 30MB). It's > a pain for everyone, users go from 8MB/s to 128Kb/s, and the provider loses a > lot of revenue when people switch to the DOS-proof non-capped (and much cheaper > because of the slow speed) accounts. One possible solution is to run at full > rate until you've used your monthly quota, then switch to rate-limited, but > apparently the DSLAM technology being used makes this impossible. > > Peter.
This archive was generated by hypermail 2b30 : Fri Nov 29 2002 - 19:40:10 PST