0

I am concerned that some static files hosted publicly in S3 can be the target of an attack that aims to hurt me financially (ramping up my AWS bills). I have set up a logging system, that runs every hour and tries to block suspicious IPs.

To understand the risks of financial loss, how many requests/downloads can be performed by a distributed attack in one hour?

Victor
  • 131
  • 3
  • You're asking the wrong question. The right question is how many requests per _second_. – Michael Hampton Feb 17 '15 at 05:21
  • http://www.techworld.com/news/security/wave-of-100gbps-mega-ddos-attacks-hits-record-level-in-2014-3531040/ not the best but the first hit – HBruijn Feb 17 '15 at 06:13

1 Answers1

0

This is a really bad question. You should be checking how many requests the IP is making per 5 seconds or so, and rule out legitimate traffic through that.

As an example, nobody is going to be requesting the same file 300 times in a second from a normal browser.