On Mon, 1 Aug 2005, Dan McDonald wrote:
On Mon, Aug 01, 2005 at 01:51:57PM -0400, Tyler Durden wrote:
What?!! 300MB/s for a Tor node? OK, I'm a telecom guy and not a data guy but that sounds suspiciously like someone loaded up an OC-3's worth of traffic
300Mbits (using Eugen's quote), is 2xOC-3. (OC-3 carries 155Mbit/sec ATM, but if it's IP/PPP/OC-3 you use more of the 155Mbits/sec).
A couple of hacked university zombie armies can generate that kind of traffic. I'm *not* a telecom guy, but don't most U's have at least an OC-3 out to the backbones today?
I'm surprised that the target node has that much INBOUND bandwidth, quite frankly.
Well, I am a telecom *and* a data guy, and I think I can clear it up :-) First, I suspect that the Tor node did *not* have a 300mbit ingree or egress, which is why the 300mbps was an effective DDoS ;-) Second, as the guy who spent several years being the carrier schmuck on call for these kinds of attacks, a 300mbps attack is a pretty small one. Big enough to knock off the average web site or small ISP, but pretty small from the carrier perspective. He probably knew the sizeof the incoming attack because the voice on the other end of the phone (the carrier schmuck on call) told him how much data he saw coming down the pipe at the target.
Dan
Hopefully that'll clear some of the muddy stuff? -- Yours, J.A. Terranson sysadmin@mfn.org 0xBD4A95BF I like the idea of belief in drug-prohibition as a religion in that it is a strongly held belief based on grossly insufficient evidence and bolstered by faith born of intuitions flowing from the very beliefs they are intended to support. don zweig, M.D.