[Zambyte]

> User X just sent 1 million packets in the last 5 seconds! Shut him down!

How can you tell the difference between participating in a DoS versus uploading a file?

[traverseda]

As long as we're redesigning the entire internet, make it so that a computer can request from its upstream that it no longer receive packets from a source. That upstream can request the same from its upstream and so on. I'm surprised this doesn't already exist honestly.

[euroderf]

A sort of blacklist that propagates upstream, progressing thru DNS to final IP ranges. A preponderance of evidence gets a range banned until compliance is evident. Sounds good!

[pdimitar]

I don't think any file uploading software will send 1 million packets in 5 seconds. They will likely be several dozens of big packets.