I now have a working script that will bring down any GAE application. You fill in the url and some post/get params if you have them, then the script will simulate thousands of users with thousands of requests.

Right now it takes less than 3 minutes to bring down a GAE app. It's disappointing that I can't do anything about it... I tried something with memcache. I save the user's IP in memcache and then block his requests when it gets too obvious that it's a DOS attack. It's somewhat better, but it still goes over the high CPU quota so I am stuck again. It's disappointing. It's disappointing because I know that once you become a little popular somebody will start flooding your application, and the embarrassment of being down and vulnerable will most likely kill your adventure.

Tony

On Sep 16, 1:11 am, iceanfire <[EMAIL PROTECTED]> wrote:
> That's a good point. I have pages that don't go over the high-cpu quota during normal traffic. But when I test it out under a larger than normal load, I suddenly get high-cpu errors. Like you said, this problem can be used by rivals to effectively shut you down for close to 0 cost to them.
>
> On Sep 15, 9:37 pm, Tony Smith <[EMAIL PROTECTED]> wrote:
> > It was the high CPU request.
> > This request used a high amount of CPU, and was roughly 1.1 times over the average request CPU limit. High CPU requests have a small quota, and if you exceed this quota, your app will be temporarily disabled.
> >
> > AGAIN, this is NOT a python page. It is a static webpage accessed by hundreds of simulated users at the same time. It takes a few minutes to bring a GAE application down.
> >
> > Thanks,
> > Tony
> >
> > On Sep 15, 2:37 pm, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote:
> > > Do you know which quota you hit? I'm wondering if it was the request quota.
> > >
> > > On Sep 12, 2:57 pm, Tony Smith <[EMAIL PROTECTED]> wrote:
> > > > Timeout is not an issue if the requests are minimal. And you can control what the user can request from your application.
> > > >
> > > > The MAJOR concern is DOS.
> > > > I have created a script that would request the main page of my app (which now is a static page that says: home).
> > > > I basically simulated 100 users requesting the static home page over and over again at the same time. In less than 3 minutes my application was down (over quota). I didn't even go through the trouble to have several hosts hit the servers. Everything was done from my laptop... It is TOO easy to take down a GAE application.
> > > >
> > > > I understand that the AppEngine is offered as a free, "as-is" service, but being at the mercy of any kid with a laptop and a DSL line is not really good for anybody.
> > > >
> > > > Thanks,
> > > > Tony
> > > >
> > > > On Sep 12, 2:28 pm, scottxu <[EMAIL PROTECTED]> wrote:
> > > > > I don't know the status of these issues. Timeout and DDOS are two concerns for me.
> > > > >
> > > > > To prevent timeout, applications have to check the timer very quickly and break the request processing aggressively, which looks like a DDOS :-). Even worse, it's difficult to guarantee the loop between timer-checking is less than the timeout. Failing this, the request will not be processed unless you modify the application.
> > > > >
> > > > > Hope I am wrong, or hope to see solutions for these issues come out soon.
> > > > >
> > > > > Scott
> > > > >
> > > > > On Sep 12, 11:10 am, Tony Smith <[EMAIL PROTECTED]> wrote:
> > > > > > Yes, it needs to be at a very low level.
> > > > > >
> > > > > > In my infrastructure, when the system is detecting a DOS attack it creates a firewall rule on the offending IP address. This rule will expire in a few minutes. If the DOS continues after the few minutes then an hour-long restriction is imposed. If after an hour the DOS is still active then a permanent restriction is created and an admin is notified. The admin then researches the attack and if it proves to be of malicious intent (not some misconfiguration of the software) then we take it up with the ISP.
> > > > > >
> > > > > > Does Google have (currently or in plan) something similar that will help address the DOS issues? You go through all the trouble to launch an application and then they take it down through DOS... this would really look bad for a start-up website, not to mention Google. Well, actually Google's GAE wouldn't be that affected because the users will assume that the application went over its quota. The normal users would not know of the DOS attack.
> > > > > >
> > > > > > Thanks,
> > > > > > Tony
> > > > > >
> > > > > > On Sep 12, 1:24 pm, uprise78 <[EMAIL PROTECTED]> wrote:
> > > > > > > Rich, correct me if I'm wrong, but that code you sent will add a new read and a new write to every page hit, and on top of that if the person is banned they will still be able to reach the webpage and cause it to perform this same read/write. I think DDOS attack protection needs to be done on a much lower level than that.
> > > > > > >
> > > > > > > On Sep 12, 10:21 am, Rick Thomas <[EMAIL PROTECTED]> wrote:
> > > > > > > > I noticed this code
> > > > > > > > http://code.google.com/p/pyib/source/browse/trunk/usercontrol.py
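The escalating per-IP block Tony describes for his own infrastructure (a block that expires in a few minutes, then an hour-long one, then a permanent one with an admin notified), combined with the memcache hit counting he tried on App Engine, as an added example that is not code from this thread or from App Engine. It assumes a dict-based stand-in for memcache, an injectable clock, and the window, limit and ban durations shown as constants.

```python
import time

WINDOW = 60                     # seconds per counting window (assumed value)
LIMIT = 100                     # hits per window before an IP counts as abusive (assumed)
BAN_STEPS = (300, 3600, None)   # few minutes, one hour, then permanent (None = no expiry)
FORGIVE_AFTER = 2 * 3600        # how long a past offence is remembered (assumed)


class ThrottleStore:
    """Stand-in for memcache (assumption): get/set with TTL and an incr."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.data = {}          # key -> (value, expires_at or None)

    def get(self, key):
        item = self.data.get(key)
        if item is not None and (item[1] is None or item[1] > self.clock()):
            return item[0]
        self.data.pop(key, None)    # missing or expired
        return None

    def set(self, key, value, ttl=None):
        self.data[key] = (value, None if ttl is None else self.clock() + ttl)

    def incr(self, key, ttl):
        if self.get(key) is None:
            self.set(key, 1, ttl)   # a new counting window starts now
        else:
            value, exp = self.data[key]
            self.data[key] = (value + 1, exp)
        return self.data[key][0]


def check_request(store, ip, notify_admin):
    """Return True if the request may be served, False if the IP is blocked.

    Escalation follows the thread: a first offence blocks the IP for BAN_STEPS[0]
    seconds; if the flood resumes once that lapses the block lasts BAN_STEPS[1];
    a third offence blocks permanently and notifies an admin. The offence level
    is forgotten after FORGIVE_AFTER seconds without a new offence.
    """
    if store.get("ban:" + ip):
        return False                # one cache read, then no further work for it
    if store.incr("hits:" + ip, WINDOW) <= LIMIT:
        return True
    level = store.get("level:" + ip) or 0
    ttl = BAN_STEPS[min(level, len(BAN_STEPS) - 1)]
    store.set("ban:" + ip, True, ttl)
    store.set("level:" + ip, level + 1, None if ttl is None else FORGIVE_AFTER)
    if ttl is None:
        notify_admin(ip)
    return False
```

As uprise78 notes, a blocked client still costs the app one cache read per request; placing the check before any datastore or rendering work keeps that the only cost the app layer pays.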
