On 11/10/2010 04:46 AM, Patrick Baggett wrote:
OK so 1024 getchallenge packets every 40 milliseconds. Each getchallenge
packet's payload is about 20 bytes or so. Add the UDP header and that
probably goes up to about 40 bytes (I actually don't know how bit the UDP
headers are off hand, would have to read the specs). OK, so I need to send
40x1024 bytes every 40 milliseconds to do my denial of service attack. 1000
(1 second) divided by 40 millis is 25, so I need to send 25x40x1024 bytes
per second. That's 1 megabyte per second, or 8 megabits per second. It's
quite a lot of bandwidth for the job, but it would be effective (I have not
actually tested this, but a program would be easy enough to write).
Not so fast. Coming from one machine, that would be difficult. You can't
simply take the sizes and multiply them and conclude that you'd need that
fast a pipe to DoS someone.You'd be lucky your ISP even took that garbage
from you without throttling you. At 1024 packets in 40 msec, you're really
talking> 25K packets/sec, which likely won't happen from one machine, even
if you had a theoretically large enough pipe simply due to the routing
hardware dropping them -- remember, sending a packet generates an interrupt
and that's 25K interrupts/sec... from a single machine, and you can be sure
the router has plenty of other traffic to handle. Even a DDoS might fail --
you'd kill the routers in-between but not the machine, or cause their ISP to
block /your/ traffic.
it doesn't really matter, it's far easier prevent people from connecting
by tying up all the free slots (google q3fill).
_______________________________________________
ioquake3 mailing list
ioquake3@lists.ioquake.org
http://lists.ioquake.org/listinfo.cgi/ioquake3-ioquake.org
By sending this message I agree to love ioquake3 and libsdl.
