said by derekm:Here's a question... Does anyone know what the various residential ISP's policies are towards unsolicited traffic counting toward monthly usage caps?
Phrased another way, what if someone decided to hit me with (say) 1.5Mbps sustained, (possibly) spoofed, traffic (say ICMP or DNS). I might not notice it (most people aren't watching for this), but at the end of the month, I sure will.
1.5Mbps is enough that you might not even notice it speed-wise, but still adds up to ~486GB/mo. This could be big bucks.
An end-user can't block the traffic with their firewall, as just having the traffic transmitted to their firewall is the damage.
1. Do ISPs check for this?
2. Are you on the hook for it?
3. How can an end user possibly even prevent (and therefore be in control of it)?
I'm going to say:
1. no
2. yes
3. nothing
Can anyone show instances where this isn't the case?
What recourse is there, especially users with either known static IPs, or those who have dynamic IPs but participate in services where their current IP is easily discoverable?
redirect traffic to local host
then they can spam hte crap out of themselves
btw her is a quiz for the smarties how can a 56 K connection completly overwelm a 5 megabit line
answer that and you are on your way to understanding that whom ever you made angry maybe you should not have and it actually is good to have LOTS of friends after all a single dos from one ip is easy to slap back
i had this happen when some argentinian with a OC 3 line decided to attack the united hackers website
i did the legal bit i contacted the host , hte host told me to contact uunet , uunet told me to contact the host and ever down time was costing me 150 bucks
well thats it i made a program gave that to 150 friends and emailed both the host and uunet back and said if they are unable to look after there users then i will look after myself and do not ask nor bother me about your laws in this regard.
a week later that argentine isp begged for US to stop.
-----
if you program your firewall and dont have a retarded one you can say all traffic from X ip is dropped , they need a real real real haeavy fast connection then to bother you... so that 1.5 megabit crawl might only use up 500K or less now that packet dropping is occuring and without a firewall your gonna really begin to feel that....
-----
and unless your using a ton of constant changing differing ips this lil trick wont work long
ive 12 year old software that in fact worked so well agaisnt even that type of attack that after an attack in a irc chat room of 1000 people i and the attacker were only ones left and when i tired of him i pressed a weeee button and poof he went away
and that was done 2 years back so dont tell me kids that dos know what they are always doing.
my question to you is ..what are you doing that would aggrivate someone enough to have htem go thorugh the trouble and potential legal issues of attacking you with such a pittance of bandwidth....
no really imagine a bot net of 1000 - 100 megabit servers and what that could do....thats the big leagues as they say....and there out there....