Limiting Bandwidth Hogs on Public Wireless Nets?
arglesnaf asks: "I'm a consultant and spend a lot of time on public wireless networks at client sites (mostly hospitals / universities), coffee shops, and hotels. Quite often, the problem is that some person is running BitTorrent and eating 100% of the bandwidth. The result is that I can't get email during the day or play World of Warcraft in the hotel. I have considered sniffing and spoofing TCP resets to free up some bandwidth but need an automated way to handle new BitTorrent connections. Does anybody have any ideas on how to automate the sniff and reset strategy, or other ways to carve out a little bandwidth from hogs on public wireless?"
Steps for getting bandwidth (Score:5, Funny)
Step 2: Point browser at gateway
Step 3: Log in with default password
Step 4: Change channel, change SSID, enable WPA-PSK, change password.
Step 5: ???
Step 6: Profit!
Re: (Score:2)
Re: (Score:2)
1) Gain access to the router controls
2) Place the offender's MAC on the ban list.
It's a little more transparent than kicking everyone off except yourself.
(If you're really creative and the capability is present, change the DHCP settings for the MAC such as don't assign a gateway address or assign it to a different subnet.)
Re: (Score:2)
Re: (Score:2)
Offtopic question: do any consumer-grade WAPs support both WPA and WEP simultaneously? It's a hassle when my dad drops by, as his old laptop only handles WEP, and I've got all our systems at home configured to use WPA. Is there some technical (p
Short answer: No. (Score:5, Insightful)
I'm a consultant and spend a lot of time on public wireless networks at client sites (mostly hospitals / universities)
Get yourself an EVDO cellular modem. You can deduct it as a business expense. And stop trying to disrupt other people's connection.
If you have a problem with bandwidth hogs, complain to the WiFi service provider. Don't take the matter into your own hands. You are not the bandwidth police, what you are doing is probably illegal.
Re:Short answer: No. (Score:5, Insightful)
Re: (Score:2)
see here [slashdot.org]
Re: (Score:3)
Re: (Score:2)
Also, you could create a whitelist of known MAC addresses and give them higher priority than everyone else who just walks in off the street, and you can have the router's logs forwarded t
Re: (Score:2)
-nB
Re: (Score:2)
Well in that case, if you have the cooperation of the hospital and hotel, why not replace the router with one that will take a more flexible firmware (like DD-WRT) and then enable its QoS controls?
Because he's "just some guy" using the network, not the network administrator. He doesn't want to administrate the network, and the people who run the network don't want to go to all the trouble of pulling out one solution that works (minus the hogs).
It seems to me the solution of disrupting people's network conne
Re: (Score:2)
For all? Even the p2p user?
Personally, I'd call it a DoS attack, and would believe that the perpetrator (the person intentionally disrupting other people's connections) is a criminal and should be treated as such. It's also possible that merely sniffing the network (arguably to see where all the bandwidth is going) is violating the law.
And yes, BT can suck u
Re: (Score:2)
For all? Even the p2p user?
Sorry if I forgot about them. One doesn't generally worry about the troublemakers when devising a solution to a problem. I suppose law enforcement isn't really optimal for thieves either. I take it you're one of the slimeball p2p users taking up scarce bandwidth on free wi-fi networks?
Personally, I'd call it a DoS attack, and would believe that the perpetrator (the person intentionally disrupting other people's connections) is a criminal and should be treated as such.
Uh huh. A
Re: (Score:2)
It's just a hunch, but I'm guessing that the hospital would want to put WoW into the same lower QoS category. Which wouldn't gain the WoW player much.
Ultimately, this sounds like another case of `what I want to do (WoW, and I'll throw in some things that sound like work too) is more important than what you want to do (Bittorrent, but who knows what else would be included.)'. I believe the general problem has been explored in great detail over the years under the name tragedy of t [wikipedia.org]
Example script (Score:3, Informative)
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Insightful)
Exactly what I was going to say. A free wifi network is NOT your network. Just because someone else is being an asshat doesn't mean you need to be one as well.
Well, my argument would be it's not the bandwidth hog's network either. If someone were blasting really loud music in a public space, would anyone but the music blaster complain if you were able to send sound cancelling noise to block the loud music (and do it in a perfect way that only stopped the loud music)?
In this case the guy isn't being an "assha
Re: (Score:2)
Can you say DoS attack?
As someone said, if it's that important to you, get a "mobile network" solution, whatever is applicable in your country (in Australia we have one supplied by Telstra that is dog slow, but useable for MMOG).
Re:Short answer: No. (Score:5, Interesting)
Then again, if the business is paying for it, that's quite acceptable.
Re: (Score:2, Insightful)
Re: (Score:2)
Re: (Score:2)
I live in a hotel every weekday for the last seven months and have asked the hotel about the bandwidth problem, and they are supportive of this approach. They know one or two guests are ruining the internet access for everybody, and wish they could do something about it. Since it is a corporate big chain hotel they do not have the ability to implement the
Re: (Score:2)
Being able to play WoW or some such really helps to kill the time while doing nothing at night.
Re: (Score:3, Funny)
Just an FYI.
Re:Short answer: No. (Score:4, Interesting)
Most of my clientele is small city midwest, and EVDO is not an option.
At the hospital I am at today the IT security people think it is a great idea. Since they outsource their wireless management and the provider refuses to deal with it, they think using a wireless IPS-like solution to limit hogs is their only way to fix it.
I came up with the idea to ask slashdot after talking to my Hospital client and the manager of the hotel I normally stay at. Abusing the network by eating all the bandwidth is not someone's right, and not all wireless providers are capable of ensuring equitable wireless access.
Re: (Score:2)
Sneak up behind these people with a short piece of rope held between your hands, loop it over their heads, and pull. They are then throttled. [princeton.edu] Easy.
To make it easier, do it one person at a time.
Re: (Score:2)
Um, get a smarter provider? I know they're mostly pretty stupid, but they can't all be that stupid. Your clients didn't all do anything really dumb, like signing up for a long-term contract with a crummy provider, did they?
As for self-help, it makes no sense to say that they don't want to invest in inline bandwidth management, and then suggest that they invest in an equally expensive packet-sniffing, RST-sending hack. That hack is going to be just as hard to administer, and is going to involve just as
Re:Short answer: No. (Score:4, Insightful)
When you want to know about the correct way to do it, you ask about QoS and other bandwidth limiting methods. You do NOT, as you've done, talk about TCP resets and "automated sniff and reset strategy".
Re: (Score:2)
Don't know what settings would have to be changed on the AP or cli
Re: (Score:2)
As long as the AP only allows each client the opportunity to send a single A
Re: (Score:2)
Re: Short answer: Yes. (Score:2)
http:// [tu-darmstadt.de]
What if you're the network admin? (Score:2)
Is there any way to limit individual bandwidth to approx 150kps?
Re:What if you're the network admin? (Score:4, Informative)
D-Link DSA-3100 works great (Score:2, Informative)
We had a hotel with a 1.5Mb wireless connection that had a movie downloader just hammering us night and day. Not only was it killing the service for other users at the hotel, it was killing service for other users all over our wireless network.
Solution: We talked the hotel into getting a D-LINK DSA-3100. I had it installed in an afternoon, the hotel had a captive p
Re: (Score:2)
I recently installed a DSA-3200 (the successor to the 3100) and I can't figure out how to make usage fair. I can limit the overall bandwidth used for each authentication group, which is great because we use our T1s for other things besides wireless, but how do I limit bandwidth per protocol or make usage f
Re: (Score:2)
-matthew
Re: (Score:2)
Re: (Score:2)
Even a plain jane Linksys router has basic QoS support. I have mine set up to prioritize port 25, 110 and 80.
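For the per-user cap asked about in this subthread and the router-side QoS several posters recommend, the following is an added example (not posted by anyone in the thread) for a Linux gateway the operator controls. It assumes "150kps" means 150 kbit/s; the interface name, link rate and client addresses in the usage line are constructed.

```shell
#!/bin/sh
# Added example: print the tc (HTB) commands that give every listed client the
# same hard download cap on a Linux gateway. Nothing is applied until the
# output is piped to a root shell, e.g. (constructed values):
#   sh shaper.sh wlan0 1500 150 192.0.2.10 192.0.2.11 | sudo sh
#
# Usage: shaper_rules IFACE LINK_KBIT CLIENT_KBIT IP [IP...]
#   IFACE        LAN/WLAN-facing interface (egress here = client downloads)
#   LINK_KBIT    total downstream capacity in kbit/s
#   CLIENT_KBIT  per-client ceiling in kbit/s (assumed reading of "150kps")
shaper_rules() {
    ifc=$1; link=$2; cap=$3; shift 3
    id=10
    # Start from a clean slate, then install a root HTB qdisc. Traffic that
    # matches no filter below falls into class 1:999.
    echo "tc qdisc del dev $ifc root 2>/dev/null || true"
    echo "tc qdisc add dev $ifc root handle 1: htb default 999"
    echo "tc class add dev $ifc parent 1: classid 1:1 htb rate ${link}kbit"
    # Unlisted clients share one capped class, so a newcomer cannot take the
    # whole link before it has been given a class of its own.
    echo "tc class add dev $ifc parent 1:1 classid 1:999 htb rate ${cap}kbit ceil ${cap}kbit"
    for ip in "$@"; do
        # rate == ceil: the client never borrows idle bandwidth, so the cap
        # holds no matter how many connections a P2P client opens.
        echo "tc class add dev $ifc parent 1:1 classid 1:$id htb rate ${cap}kbit ceil ${cap}kbit"
        # SFQ inside the class shares the cap fairly among that client's flows.
        echo "tc qdisc add dev $ifc parent 1:$id handle $id: sfq perturb 10"
        # Classify by destination address: packets heading to this client.
        echo "tc filter add dev $ifc parent 1: protocol ip prio 1 u32 match ip dst $ip/32 flowid 1:$id"
        id=$((id + 1))
    done
}

# Stand-alone use: print the rules when arguments are supplied.
if [ "$#" -ge 4 ]; then
    shaper_rules "$@"
fi
```

This shapes downloads only; capping uploads needs matching classes on the WAN-facing interface, where clients behind NAT have to be identified by firewall mark rather than source address.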
Re: (Score:2)
DIY or off the shelf (Score:2)
For an off the shelf solution, the Asus 500gl has various bandwidth management features. Haven't used it myself but it seems worth a look.
Re: (Score:2)
Yes. When you log into the Fon router using the registered email address & password you are redirected to your "Fon homepage" which has a sliding meter to set the amount of bandwidth you wish to share. You can also add "guest" accounts - users logging in with one of these do not have
Reboot the router (Score:2)
Though if it was properly set up, they would just have QoS set on the router, so no one person could be a hog.
I suggest (Score:5, Funny)
Re: (Score:2)
Jack Thompson, it's good to see you've seen the light. Can you please stop going after Take Two now, mmmmkay?
Re: (Score:2)
Comment removed (Score:3, Funny)
You kids these days... (Score:3, Funny)
Re: (Score:3, Funny)
486? 486?!?!? Back in my day (about the time dirt went beta), we used the trusty old TI 765 [xmission.com]. With real acoustic couplers, none of your fancy-pants alligator clips. And everything was PRINTED on PAPER, so you had a permanent record of your telnet session to ucbvax to prove you'd been there.
You kids with your microprocessors and your CRTs and computers you can lift — GET OFF MY ROCKS!
Re: (Score:2)
We had to make do with a Data Products PortaTerm, which apparently was invented and destroyed before the advent of photography, 'cuz I can't find an image of one anywhere on Google. It was a full briefcase-sized impact-hammer-through-the-paper terminal, complete with a 110 baud acoustically coupled modem. The br
Barter consulting time for services (Score:2, Interesting)
Step 2: Buy the coffee shop or hotel manager lunch. Explain that they have a problem and that you are willing to fix it in exchange for goods and services. Explain how this will make life better for all their customers.
Step 3: After getting permission, fix the problem.
Step 4: Enjoy the coffee or free room-nights.
Step 5, required in some countries
Step 6: Use refere
Re: (Score:2)
Of course, it may be that the AP already supports QoS and it just needs to be configured. If not, running OpenBSD's PF as a bridge on a Soekris 4801 [soekris.com] (or equivalent low-power box) with compact flash for mass storage would allow him (with the owner's permission) to place it upstream of the access point and forget about it. The whole thing is US $300-$400 plus time.
(It could be done even cheaper on a salvaged old computer, of course, but the reliabi
um, I'm a little surprised... (Score:3, Informative)
I'd suggest you go to the front desk and tell them that you are having problems with the wireless. That you are staying in this hotel because they have internet access. I'd suggest that you tell them someone needs to look into the situation or move you to another hotel. Tell them that you suspect that someone is doing something against the law (I know running BitTorrent is not against the law) and taking up all the bandwidth. Who knows you can drop in the comment, I think that someone is running an unlawful site and allowing people to download pirated movies and that the MPAA and RIAA may come after the hotel and sue them. That would get their attention.
Complaining often works!
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
I would disagree. This is not illegal, but it is unethical. You are not hacking or cracking anything on their computer. All you are doing is sending a TCP reset packet on an open wireless network. Their computer can choose to ignore it or honor the reset request; you are not accessing or tampering with any data on their computer itself. B
*chuckle* (Score:4, Interesting)
Irony.... glooooorious irony.
not that simple (Score:2)
Comparing a coffee shop or hospital to an ISP is a bit much, don't you think?
The ISP has common-carrier status. They have regulations that assume they are neutral and treat all traffic equally, in return for various benefits. Also, in many cases there is no real competition. If the ISP decides to go non-neutral, there really isn't any way around it.
If there were many local ISPs, each with a different set of bandwidth rules, and they actually *advertised* those rules and charged a fair price for the vario
Re: (Score:3, Informative)
The argument about NN isn't about whether or not ISPs should be able to give certain type of traffic greater priority over the others (I.E. making VOIP take higher priority over HTTP)
The argument about NN is whether or not ISPs should be allowed to give certain organizations higher priority than others. What the submitter is talking about is prioritising HTTP over Bittorrent, which most wouldn't disagree about. What NN supporte
Re: (Score:2)
It really depends on who is doing the arguing. The point has been a bit muddled and it's hard, sometimes, to get people to agree on specifically what they're arguing about.
Re: (Score:2)
Re: (Score:2)
You seem to be implying (Score:2)
You seem to be implying that people are passing traffic across a bandwidth provider's network against that provider's will. That does happen sometimes (oops, accidentally left that wifi unprotected), but usually a bandwidth provider makes a conscious decision to offer it for free, charge someone for it, or come to a mutually beneficial agreement with another party to exchange traffic at no charge. Nobody's being taken advantage of again
Re: (Score:2)
Actually, it is. Before QoS, routers handled all packets in neutral, FIFO order. QoS, by its very nature, handles packets in something other than FIFO order. With QoS, some kinds of packets are more important than others.
But there's nothing wrong with QoS per se. The real issue is who controls the QoS rules? The users or the carriers?
As far as I'm concerned, I pay for my DSL line so I should get to decide which packets on it are more important than others.
Re: (Score:2)
The "no consideration" fallacy (Score:2)
Take a look at the candy bowl from the opposite view and you can just as easily see a Google or YouTube providing the candy and a middleman (ISP) taking it and selling it to other kids (
Fix the analogy (Score:2)
An ISP is more like a supermarket. If I go to the supermarket and buy up every last bit of Halloween candy, that's my right. My mother should not be standing there at Wal-Mart telling me I should buy some vegetables.
lower your mtu or go to starbucks (Score:4, Informative)
Otherwise, go to Starbucks and pay $.10 cents a minute, because hardly anyone else will.
Spoof some ARP packets (Score:3, Insightful)
best solution (Score:2)
Okay... (Score:4, Insightful)
Sort of seems like you are asking how can I kick off OTHER bandwidth hogs?
Or how do I control a free open network I don't own?
Okay...
Re: (Score:2)
You are the most selfish Prig I know (Score:2)
Hate to tell you buddy... If you want to get a good clean connection - work from home, set up your own network - brew your own coffee, and get the quality that you need. If you want to sit in a coffee house and drink overpriced drinks, talk loudly on your cell phone, and use their connection to grind your Tier II gear in WoW - Well, you get what you pay for.
Now quit whin
Re: (Score:2)
What you find many times if you talk to a Hotel Manager or Coffee shop owner they realize it is a problem and have no way to deal with it. They will tell you they wish they had an easy way to throttle these people, without investing in things like inline IPS / bandwidth management.
Most of my clientele is small city midwest, and EVDO is not an option.
At the hospital I am at today the IT security people think it is a great idea. Since they outsource their wireless man
Re: (Score:2)
Hardly... Wireless IPS/QoS/Packet Shaping are very simple TCP flow control mechanisms that will throttle TCP mechanisms fairly and in a managed appropriate way.
Sending spoofed TCP resets into a packet flow that you don't own, manage, or control is crossing the line. There is also the difference between allocating resources that you own in a way that you want to (ie Packet Shaping) and disrupting resources that you don't
Is it just me... (Score:3, Insightful)
Re: (Score:2)
If story poster were on MY wireless network... (Score:3, Insightful)
This is not your network, pal. Quit trying to fuck it up. First come, FIRST FUCKING SERVE.
*WHIIIINE* I Can't play my life-sucking WoW because of the Pir8s on BT!!!11one.
Gimme a fucking break.
And while I'm at it... (Score:2)
Re: (Score:2)
Ok.. (Score:2)
Re: (Score:2)
Re: (Score:2)
So go beat the bandwidth hogs. Remember, WoW uses an insanely tiny amount of bandwidth, even compared to typical web browsing. BitTorrent, OTOH, sucks down as much bandwidth as is available, effectively killing off other services.
Or is it that you own the network, and you're running Bit
Re: (Score:2)
Very strange. (Score:2)
I'd love to test that on your network, but there's almost no chance I live anywhere near you. Oh well.
so.... (Score:2)
Grow up already.
I'm a Student... (Score:4, Funny)
Re: (Score:2)
The result of your thesis not getting completed is not due to wireless access. It's due to improper prioritization. There are plenty of places on-campus with LOTS of bandwidth: Use a Computer Lab or *gasp* "jack in".
If you can't complete your thesis at Starbucks (or in the Hilton lobby), the problem is not wireless bandwidth hogs.
Re: (Score:2)
That's not the question (Score:5, Insightful)
E.g., it's a public router, like in a coffeeshop or hotel, but which doesn't have any QoS set up on it, so it's being abused.
He wants a way of essentially chiseling out some room on the commons, when the other guy is already over-grazing his sheep there.
Re: (Score:2)
Re:That's not the question (Score:4, Informative)
Sounds like that's the solution. (Score:4, Insightful)
I wonder if running it slows down your own connection though, since you're constantly injecting packets into the other guy's connection.
Might he have to get another computer in order to run tcpnice, and then do his normal internet activities from another machine?
Re: (Score:2)
I think that most of the overhead would come from running your network card in promisc. mode and having to have tcpnice "consider" each packet on the interface. The bandwidth overhead from actually injecting the packets is tiny. Running it on an
Re: (Score:2)
Re: (Score:2)
It's not just ports. (Score:2)
"BitTorrent ports?" (Score:2)
It is possible to throttle BitTorrent, but not in the way you expect to.