|
|
Posted by fred-bloggs on 10/20/05 11:53
-Angela- <TarapiaTapioco@jetmail.com> wrote in
news:22ldl15k7e4kdjdhiaq05jk1qhgfs5t93q@4ax.com:
> On Wed, 19 Oct 2005 15:12:28 -0700, gregfarr <gregfarr@comcast.net>
> wrote:
>
>>Just minutes age I was watching winmx at the time, the bottom just
>>dropped out of the bandwidth. The Primary's started changing from 6 to
>>5 to 3, several of the up loaders with cancelled out, my d/l's went
>>from a 100 down to almost nothing. This has happened before, just not
>>while I was looking. I'm cable comcast.
>>
>>Greg
>>http://gregsplace.50megs.com
>>http://www.picturetrail.com/fugitive1
>
> Check your bandwidth graph when this is happening. You'll probably
> see a huge spike on your outgoing WPN packets. This would indicate
> that you are hosting a fake / flooder (secondary) that has sent their
> results from someones' search, and you being the priamary they are
> served by, your connection just suffered a UDP packet storm that
> overwhelmed (killed) your TCP connections.
I believe the spike is actually *incoming* WPN UDP packets, which would
imply that one of your secondaries has searched for a fake file. You are
actually being flooded by your primaries :(
> I keep saying it, and nobody is listening: Do *NOT* trust the patches
> and Dll's to protect you from the flooders. You have more than your
> TCP connections to loose. Use your own firewall and enter the TCP
> blocks I posted before here:
>
> news:jbj3l1hn4ih1mje1015incs1quo9pbup0r@4ax.com
>
The floods will only be prevented if EVERY primary refuses connection to
ALL fakers - unlikely, unfortunately. Even if *everyone* ran a filtering
dll it would only take 1 unfiltered address to compromise the network.
--
fred
Navigation:
[Reply to this message]
|