this post was submitted on 02 Mar 2024
200 points (93.9% liked)
Technology
59166 readers
2327 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I'm confused, what is this supposed to mean? Some sort of non-distributed DOS attack? How would working with the customer help there? If they're susceptible to a denial of service, isn't that entirely an internal problem?
No service was denied!
Fair point. DOS is perhaps the wrong word for it. But from that quote, it sounds like it's a similar behaviour to DOS tactics which involve finding ways to transform a relatively simple request into a large amount of work (or in this case, network traffic) for the server.
They are saying that it wasn't a ddos at all but organic use. The user was notified but did nothing. So they think their notifying stuff isn't good enough.
Sorry, but what exactly is a "sustained download event" supposed to be? It sounds like they're describing some sort of DOS-like attack that isn't a DDOS, where a user manages to force the server to serve up way more data over a sustained period of time than would be reasonable for downloading a single MP3 for normal use.
But maybe that's not what they mean. It's very unclear.
I'm pretty sure they're describing something akin to what many small site owners have referred to as 'the hug of death'. If you're a small site that blows up on the front page of lemmy (or an actually large community site), you're going to experience sustained traffic that your site isn't capable of handling (be that at the computer resource or financial level in this case).
Normally the hug of death' just takes you offline when your provider can't handle the load or you blow past your providers thresholds. In this case, that threshold didn't appear to exist and it just kept adding to the bill.
Oh right. So they just mean the Slashdot Effect? A large and unexpected amount of organic traffic?
I think that "sustained download event" is a weird way of phrasing that, but thanks for the explanation.
They mean a lot of downloads were happening for a period of time.
Basically, it was a giant uptick in use that was likely made by human beings instead of a DDoS botnet, and they're still investigating where it came from
I am too. Is the agreement to charge per mb downloaded? Do they not have some sort of "turn it off if I hit this max?* feature?
I usually avoid hosting solutions like this just because of this shit. I wanna know how much I'll owe before the month starts even. Anything else feels like gambling.
Of course they do but they can make 104k if they don't turn it on.
There are plenty of bandwidth restricted hosting sites out there. Sounds like that is what you want. Maximum speed regardless if that's used 24/7 or not. If more users request your site than that bandwidth allows - oh well.