<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta content="text/html;charset=UTF-8" http-equiv="Content-Type"></head><body ><div style="font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt;"><div>Hi Rich,<br></div><div><br></div><div>Sure, here's what we did to protect our Netperf servers: Require a password to run netperf (it's a command line parameter on the client), and rotate the password regularly.<br></div><div><br></div><div>This means users will need to sign up for access, and get an email every time the password is rotated. That way you know who is using (or abusing) the services. If it is being abused, knock out the abuser from the list, and rotate the pwd.<br></div><div><br></div><div>Use different passwords for each server to have fine-grained access controls.</div><div><br></div><div>I hope that helps,</div><div><br></div><div id="Zm-_Id_-Sgn" data-sigid="8168650000000048003" data-zbluepencil-ignore="true"><div>Jonathan Foulkes<br></div></div><div><br></div><div class="zmail_extra_hr" style="border-top: 1px solid rgb(204, 204, 204); height: 0px; margin-top: 10px; margin-bottom: 10px; line-height: 0px;"><br></div><div class="zmail_extra" data-zbluepencil-ignore="true"><div><br></div><div id="Zm-_Id_-Sgn1">---- On Sat, 30 Mar 2024 13:03:00 -0400 <b>Rich Brown via Bloat <bloat@lists.bufferbloat.net></b> wrote ---<br></div><div><br></div><blockquote id="blockquote_zmail" style="margin: 0px;"><div>Hi folks,<br><br>This note was prompted by a question from the crusader github repo [1] where I wrote the following:<br><br>>> It seems to me that the server netperf.bufferbloat.net (also called netperf-east.bufferbloat.net) has been down for quite a while.<br>><br>> Yes. I have been stymied by heavy abuse of the server. In addition to legitimate researchers or occasional users,<br>> I see people running a speed test every five minutes, 24x7.<br>><br>> I created a bunch of scripts [2] to review the netperf server logs and use iptables to shut off people who abuse the server.<br>> Even with those scripts running, I have been unable to keep the traffic sent/received below the 4TB/month cap at my VPS.<br><br>Does anyone have thoughts about how to continue providing a netperf server at the name "netperf.bufferbloat.net" while not overwhelming any particular server? Many thanks.<br><br>Rich<br><br>[1] <a href="https://github.com/Zoxc/crusader/issues/14#issuecomment-2028273112" target="_blank">https://github.com/Zoxc/crusader/issues/14#issuecomment-2028273112</a><br>[2] <a href="https://github.com/richb-hanover/netperfclean" target="_blank">https://github.com/richb-hanover/netperfclean</a><br>_______________________________________________<br>Bloat mailing list<br><a href="mailto:Bloat@lists.bufferbloat.net" target="_blank">Bloat@lists.bufferbloat.net</a><br><a href="https://lists.bufferbloat.net/listinfo/bloat" target="_blank">https://lists.bufferbloat.net/listinfo/bloat</a><br></div></blockquote></div></div><br></body></html>