Some relevant references: Marzia Niccolai (Google) said this in Sep 2008: "On the broader issue of denial-of-service attacks, these are an unfortunate reality in the web world. While we don't currently offer applications any specific protections against attacks of this nature, this is something we're interested in looking into for the future. In the near-term, when we begin allowing developers to purchase computing resources beyond our free limits, we will provide a mechanism for reimbursement in the event of a DOS attack." Src: http://groups.google.com/group/google-appengine/browse_thread/thread/7503bf772ae32434
and star this issue: Issue 718: Denial of Service Attack - protection http://code.google.com/p/googleappengine/issues/detail?id=718 On Mar 20, 1:31 pm, codermarc <[email protected]> wrote: > I was recently the victim of a DoS attack against an App Engine app. > The attacker requested a 2.3mb file approximately 13k times over 1.5 > hours, and at least 6k of the requests were successful before by > bandwidth quota was exceeded. > > All of the requests were coming from a single IP address in Central > America. The successful requests were spread out over about 45 > minutes, which would mean a constant outgoing bandwidth rate of 5.1mb/ > s. Does this make any sense? > > How does Google calculate outgoing bandwidth for static file requests? > When a file is requested, is it automatically assumed that the entire > file will be transferred, or is the actual bandwidth used calculated? > > Also, is anybody aware of anything I can do in the future to prevent > such an attack? > > Thanks for your feedback! --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
