Firewall them off. There are also apache hacks for spotting the
download accelerator device and blocking the user for good.
> I monitored network traffic with tcpdump, and noticed that those packets don't
> have tcp timestamps and tcp sack. I turned them off on my Linux box using
> sysctl, and also tried turning on ECN without success.
They will tend to come from older windows boxes, the timestamp/sack stuff
is unrelated
> This is of course a DoS in disguise, and is there a way to stop it?
Turning off byte range support in the web server works suprisingly well for
it. Another non hacking code approach would be to set up CBQ or other
bandwidth limiters so that the users of download accelerator get no
benefit. The advantage of the apache hacks is that you can make them
actually suffer
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/