This was the response from Google: "Going forward, if you see a large amount of suspicious requests coming in for a particular resource, please block the suspicious IP addresses as you did and/or temporarily move the resource, which will help to determine whether this is a true DoS attack or simply an unexpected spike in traffic from a single location or ISP."

I've since tested the bandwidth quota as described in the issue below where I transferred less than 25mb of data that was reported as 5gb:
http://code.google.com/p/googleappengine/issues/detail?id=1178

I'm in the process of building a reliable per-IP bandwidth limiter for static files, but I hope that Google will incorporate this functionality natively into GAE.

Marc

On Mar 23, 3:38 pm, boson <[email protected]> wrote:
> Some relevant references:
>
> Marzia Niccolai (Google) said this in Sep 2008:
> "On the broader issue of denial-of-service attacks, these are an unfortunate reality in the web world. While we don't currently offer applications any specific protections against attacks of this nature, this is something we're interested in looking into for the future. In the near-term, when we begin allowing developers to purchase computing resources beyond our free limits, we will provide a mechanism for reimbursement in the event of a DOS attack."
> Src: http://groups.google.com/group/google-appengine/browse_thread/thread/...
>
> and star this issue:
>
> Issue 718: Denial of Service Attack - protection
> http://code.google.com/p/googleappengine/issues/detail?id=718
>
> On Mar 20, 1:31 pm, codermarc <[email protected]> wrote:
> > I was recently the victim of a DoS attack against an App Engine app. The attacker requested a 2.3mb file approximately 13k times over 1.5 hours, and at least 6k of the requests were successful before my bandwidth quota was exceeded.
> >
> > All of the requests were coming from a single IP address in Central America. The successful requests were spread out over about 45 minutes, which would mean a constant outgoing bandwidth rate of 5.1mb/s. Does this make any sense?
> >
> > How does Google calculate outgoing bandwidth for static file requests? When a file is requested, is it automatically assumed that the entire file will be transferred, or is the actual bandwidth used calculated?
> >
> > Also, is anybody aware of anything I can do in the future to prevent such an attack?
> >
> > Thanks for your feedback!
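
An added example (not code from this thread or from App Engine) of a per-IP bandwidth limiter of the kind Marc describes building: a token bucket charged in response bytes, replayed against the request pattern reported in the thread. It assumes the file is served through application code so every request is visible to the app, keeps its state in process memory, and uses constructed budget values (a burst of 10 files, refill of one file per minute) and constructed client addresses.

```python
import time

FILE_BYTES = 2_300_000  # size of the file in the thread (2.3 MB)


class PerIPBandwidthLimiter:
    """Token bucket per client IP, charged in response bytes rather than requests."""

    def __init__(self, burst_bytes, refill_bytes_per_sec, clock=time.monotonic):
        self.burst = float(burst_bytes)
        self.rate = float(refill_bytes_per_sec)
        self.clock = clock
        self.buckets = {}  # ip -> (bytes available, time of last update)

    def allow(self, ip, response_bytes):
        """Charge the bucket and return True if ip may be sent response_bytes now."""
        now = self.clock()
        tokens, last = self.buckets.get(ip, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        allowed = response_bytes <= tokens
        if allowed:
            tokens -= response_bytes
        self.buckets[ip] = (tokens, now)
        return allowed

    def purge_full(self):
        """Forget IPs whose bucket has refilled completely; bounds memory, loses no state."""
        now = self.clock()
        full = [ip for ip, (t, last) in self.buckets.items()
                if t + (now - last) * self.rate >= self.burst]
        for ip in full:
            del self.buckets[ip]
        return len(full)


def simulate_thread_traffic():
    """Replay the pattern from the thread: ~13k requests in 1.5 hours from one IP."""
    now = [0.0]  # fake clock so the replay is deterministic
    limiter = PerIPBandwidthLimiter(10 * FILE_BYTES, FILE_BYTES / 60.0, clock=lambda: now[0])
    flooder, visitor = "198.51.100.7", "203.0.113.20"  # constructed documentation addresses
    served = 0
    visitor_ok = None
    for i in range(13000):
        now[0] = i * 5400.0 / 13000
        served += limiter.allow(flooder, FILE_BYTES)
        if i == 6500:  # an unrelated client arrives mid-flood
            visitor_ok = limiter.allow(visitor, FILE_BYTES)
    now[0] = 5400.0 + 600.0  # ten minutes of quiet: both buckets refill to the cap
    return served, visitor_ok, limiter.purge_full()
```

With these constructed limits the single flooding address is sent the file 99 times instead of 13,000, while the unrelated visitor's request mid-flood is still served.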
