On Thu, 25 Mar 2004, Tim Meadowcroft wrote: > Plus, these machine may have 500kbits/sec download, but are usually limited to > something like 64kbits/sec upload, so by making them send the full virus > payload (a 64k MIME encoded .scr or pif file) or whatever email they're > sending before denying them, you choke and waste their upload bandwidth.
If you are going to undertake the noble task of sucking up their bandwidth, then I'd suggest that you do the job thoroughly, and make sure that their TCP stack decides to retransmit as many packets as possible. Use iptables (for instance) to selectively/randomly drop packets. > That's why sending them a huge amount of text in return doesn't hurt that > much, but choking their upload does. I think that depends how amply overprovisioned they are with bandwidth. I expect have more in their arsenal than you do. --- Charlie
