Eat up 4GB Bandwidth Quickly!

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Frank Hagan
    Senior Member
    • Mar 2004
    • 724

    Eat up 4GB Bandwidth Quickly!

    There's a "service" out there that "tests" your server for you and quickly consumes about 4 GB of bandwidth. It was featured in a tech blog this morning.

    I won't share the URL here because Dathorn's forums are public, but any of you can PM or email me and I'll let you know. The testing application allows anyone to enter any domain name and WHAM, they get hit with 4 GB of traffic.

    I tried it this morning and yeah, it lets you mount what is in essence a bandwidth attack on any site you want. I'm thinking I'll put the IP address in each customer's .htaccess file (using the IP Deny applet in Cpanel.)
  • AndrewT
    Administrator
    • Mar 2004
    • 3653

    #2
    Nice. Doesn't sound like they thought this through if anyone can enter any domain. I'm sure their data center / upstream providers would love to see complaints concerning this.

    Comment

    • Frank Hagan
      Senior Member
      • Mar 2004
      • 724

      #3
      They should have some kind of verification scheme in place like Google uses (either a file or a meta tag). I probably should let them know the impact it had on my site.

      Comment

      • powvex
        Member
        • Mar 2004
        • 67

        #4
        I think there is something wrong with this service. what it'll do to "test", that gets 4gb hit in minutes?? port scanning? if its port scanning it's got temporary block by LFD/CFD in 10th scan.
        please pm me, I want to check this out.

        I've almost forgot, these kind of services should be ip-blocked at our server's level by Andrew to prevent disaster.

        Comment

        • Frank Hagan
          Senior Member
          • Mar 2004
          • 724

          #5
          I sent you a PM with the URL and the IP address and log entry you'll see in the raw logs.

          Comment

          • ChrisTech
            Senior Member
            • Mar 2004
            • 530

            #6
            Ouch, in the wrong hands, that could be horrible for many sites. Hope this isn't a legit company.

            In hindsight, what if someone put that company's domain in it... ??? Sad to say, but that might get their attention as well.

            Do us a favor and bury that url/info. Well give it to Andrew to block on the servers, but yah, bury it.
            Hosting at Dathorn since March 2003!

            My Interwebs speed on Charter Cable!

            Comment

            Working...