Steve Gibbard wrote:
If a few of you can stop being so pedantic for a second,
the definition looks pretty easy to me: traffic unlikely
to be wanted by the recipient.
This looks good to me although it also needs to include _return_ traffic
from junk traffic (say, you flood a target with ICMP echo request, and
the target does not rate-limit the ICMP echo reply; in that case the
reply is junk as well as the request although it is wanted by the
destination which is the attacker).
Another way at looking at the issue is to measure how much traffic is
Your mileage may vary and I made up the following figures as they can
greatly vary depending on the network, but...
Let's say there's 50% of p2p file sharing, 10% of downloading pr0n, 5%
of downloading services packs and anti-virus signatures and 15% of misc
HTTP surfing, all of which I would consider legitimate and would also
match Steve's definition, this already makes for 80% legit. Legal !=
legit IMHO. Although 99% of p2p file sharing traffic is likely illegal,
it is legitimate (the destination wants to receive it).