AdamJacobMuller | 4 months ago

> I've tried 30X redirects (which it follows)

301 response to a selection of very large files hosted by companies you don't like.

When their AWS instances start downloading 70000 windows ISOs in parallel, they might notice.

Hard to do with Cloudflare but you can also tar pit them. Accept the request and send a response, one character at a time (make sure you uncork and flush buffers/etc), with a 30 second delay between characters.

700 requests/second with say 10Kb headers/response. Sure is a shame your server is so slow.
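The tarpit described in the comment above, sketched as an added example that is not part of the thread or any commenter's code: a Python asyncio server that drips a response one byte at a time and flushes after each byte. The function names, the listening address, the response body and the hold-time and concurrency limits are assumptions chosen for illustration; the concurrency cap is there because every tarpitted connection also occupies a socket on the defending server.

```python
import asyncio

# Constructed values for illustration; tune for your own server.
RESPONSE = b"HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n\r\n" + b"x" * 64
DELAY = 30.0          # seconds between bytes, as in the comment above
MAX_HOLD = 3600.0     # stop dripping to a connection after this many seconds
MAX_TARPITTED = 500   # cap so the tarpit cannot exhaust our own sockets


async def drip(writer, payload, delay, max_hold):
    """Write payload one byte at a time, flushing each; return bytes sent."""
    loop = asyncio.get_running_loop()
    deadline = loop.time() + max_hold
    sent = 0
    try:
        for i in range(len(payload)):
            if loop.time() >= deadline:
                break
            writer.write(payload[i:i + 1])
            # asyncio enables TCP_NODELAY on its TCP transports, so a single
            # byte is not held back; drain() waits until the buffer is flushed.
            await writer.drain()
            sent += 1
            await asyncio.sleep(delay)
    except ConnectionError:
        pass                          # client gave up; nothing more to do
    return sent


def make_handler(limit, delay=DELAY, max_hold=MAX_HOLD):
    slots = asyncio.Semaphore(limit)

    async def handle(reader, writer):
        if slots.locked():            # tarpit full: drop instead of queueing
            writer.close()
            return 0
        async with slots:
            try:
                return await drip(writer, RESPONSE, delay, max_hold)
            finally:
                writer.close()
    return handle


async def main(host="127.0.0.1", port=8080):
    server = await asyncio.start_server(make_handler(MAX_TARPITTED), host, port)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```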

notatoad|4 months ago

> 301 response to a selection of very large files hosted by companies you don't like.

i suggest amazon

lgats|4 months ago

unfortunately, it seems AWS even has firewalls that will quickly start failing these requests after a few thousand, then they're back up to their high-concurrency rate

gitgud|4 months ago

> Accept the request and send a response, one character at a time

Sounds like the opposite of the [1] Slow Loris DDOS attack. Instead of attacking with slow connections, you’re defending with slow connections

[1] https://www.cloudflare.com/en-au/learning/ddos/ddos-attack-t...

tliltocatl|4 months ago

That's why it is actually sometimes called inverse slow loris.

tremon|4 months ago

As an alternative: 301 redirect to an official .sg government site, let local law enforcement deal with it.

integralid|4 months ago

Don't actually do this, unless you fancy meeting AWS lawyers in court and love explaining intricate details of HTTP to judges.

gruez|4 months ago

> When their AWS instances start downloading 70000 windows ISOs in parallel, they might notice.

Inbound traffic is free for AWS

jacquesm|4 months ago

It's free, but it's not infinite.

kadoban|4 months ago

Free just means you get in trouble when you abuse it.