prosyslab-classroom / cs348-information-security


[Question][Hw2] Questions on TF problems #127

Closed Lim-Sangho closed 3 years ago

Lim-Sangho commented 3 years ago

Hi. I would like to ask some questions about the solution of HW2.

I think the answer for problem 5 is a little vague. I already understood that some servers should return some large packets, but anyway a DDoS attack can be stopped by restricting the size of responses, I think. If a server is being exploited in a DDoS attack, we can even think it would be reasonable to do so.

Also, could you give us some description about problem 6? I thought if the capacity (the amount of traffic that a server can handle) is not bounded, then we cannot let the server down by delivering dummy packets since the server immediately spends all receiving packets. Is network bandwidth DDoS beyond this issue?

Thank you for your consideration.

Best regards, Sangho Lim

hieudz commented 3 years ago

For 6, think about when you have an infinite capacity server, but it connects to KAIST's wifi (which is terrible & can only download at 1Mb/s). Then, if the attacker sends you 2Mb of data every second, your clients will not be able to reach you, because your terrible wifi isn't fast enough to receive all requests (2Mb+ per second).

Lim-Sangho commented 3 years ago

Thank you for replying. Does "capacity" mean a certain size of storage or something? I understood it as "network capacity", an end-to-end bandwidth (bit / sec), which is something I can find on Google. (https://www.appneta.com/blog/network-capacity-vs-bandwidth-dont-waste-it-budget/)

Or what I just realized is that "server capacity" can be thought not to be end-to-end, and we cannot prevent a DDoS attack since there are still routers of finite capacity between two sides.
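
The bottleneck-link scenario from the replies above, as an added example that is not part of the original thread or the course material: a drop-tail queue in front of a 1 Mb/s link feeding a server with no processing limit at all. The 0.5 Mb/s legitimate load, packet size, buffer size and Poisson arrivals are assumptions made for the illustration.

```python
import random
from collections import deque

def legit_delivery_ratio(link_bps, legit_bps, attack_bps,
                         packet_bits=10_000, buffer_pkts=50,
                         seconds=60, seed=1):
    """Fraction of legitimate packets that get through the bottleneck link.

    The server is modelled as infinitely fast: a packet counts as delivered
    as soon as it is accepted into the link's queue. The only finite
    resources are the link rate and the buffer in front of it.
    """
    rng = random.Random(seed)          # seeded so runs are reproducible
    arrivals = []
    for src, bps in (("legit", legit_bps), ("attack", attack_bps)):
        t = 0.0
        while bps > 0:
            t += rng.expovariate(bps / packet_bits)  # mean packets per second
            if t >= seconds:
                break
            arrivals.append((t, src))
    arrivals.sort()

    service = packet_bits / link_bps   # seconds the link needs per packet
    departures = deque()               # departure times of queued packets
    sent = delivered = 0
    for t, src in arrivals:
        while departures and departures[0] <= t:
            departures.popleft()       # these packets have left the link
        if src == "legit":
            sent += 1
        if len(departures) >= buffer_pkts:
            continue                   # buffer full: drop-tail, any source
        start = departures[-1] if departures else t
        departures.append(start + service)
        if src == "legit":
            delivered += 1
    return delivered / sent

if __name__ == "__main__":
    LINK = 1_000_000                   # the 1 Mb/s link from the reply
    LEGIT = 500_000                    # assumed legitimate load
    for attack in (0, 2_000_000):      # no attack vs. 2 Mb/s of junk
        ratio = legit_delivery_ratio(LINK, LEGIT, attack)
        print(f"attack={attack:>9} b/s  legit delivered={ratio:.2f}")
```

Nothing in the model depends on how fast the server is, so adding server capacity cannot change the result; only a faster link or dropping the attack traffic upstream of the bottleneck does.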