[TriLUG] marginally OT: Some bandwidth and DoS questions

Shawn William Taylor STaylor at torexretailna.com
Tue May 29 13:29:24 EDT 2007 

Responses in-line! I love this stuff.

Shawn

Bandwidth
-For a DSL connection with 768 down and 384 up, if you are consuming all 
of the upstream bandwidth, does that mean you have no available 
downstream bandwidth?

No, this is the point of asynchronous configuration. However, if your host 
can not send things like acks to other communicating nodes then 
effectively, the communication is lost or times out. (Hence the 'denial of 
service')

-For a T-1 with a nominal speed of 1.5 Mbps, is 1.5 the total available 
bandwidth for upstream and downstream, with the entire pipe 
theoretically available for unidirectional traffic (i.e. 1.5 Mbps down, 
0 Mbps up)?

Most T1's are bidirectional. Again, it's less about consuming the pipe and 
more about consuming the host.

DoS
-Have you ever heard of anyone (ab)using wget to accomplish a deliberate 
non-distributed DoS attack?

No

-How much traffic/how many requests per second would be required to 
effectively DoS a 768/384 DSL connection?

You would need a bunch of things all trying to talk at once. (I really 
don't even have a guess but it would be a lot)
Even then it doesn't really need to consume the pipe, just overload the 
server.

-Could this be done with wget? 

yes


-Is there any resource on the internet which outlines how much data a 
computer with a given processor is capable of putting on a network 
interface?

Check out the manufacturers specs. Remember, each OS will have different 
Default settings (obviously if it's a setting, it can be changed) so 
things like network time-outs and such on the host are important in how 
much data it can put through. As well if it's connection is Full-Duplex or 
Half-Duplex will make a difference as well.

wget
-Have you ever heard of anyone using wget to back up entire websites?

I hadn't heard of wGet before your email, however it looks like it would 
do that quite nicely from the documentation. It seems that what it is 
designed to do??

http://www.gnu.org/software/wget/

-Would using this method on a PHP-based website actually accomplish a 
backup?  It seems to me that it would only gather the generated HTML and 
Javascript.

It seems to support wildcard file types so you could have your own 
extension and it would pull it back.

More information about the TriLUG mailing list