How do you steal bandwidth?
Basically the setup is a company has three 'modules' utilising bandwidth which is designated at a cost during peak business hours and there is free off peak-usage. It is the free off-peak usage which appears to be subject to bandwidth theft.
The company is on a set fee scheme of 1,750MB broadband usage during peak hours, with free usage after normal hours. Usage above the 1,750MB during peak hours is chargeable at US$95 per GB.
In Zimbabwe, the ISPs sometimes use what are termed internet access providers (IAP) who provide the 'communications' conduit between customer and ISP. In this case we are talking or provision of a WiMax radio signal to two modes and, until recently a copper ADSL link through the national telecommunications agency. Each is subcontracted by the ISP. There is no apparent password control of the conduit.
The client company has suffered a deterioration in its links via the IAPs... the one WiMax link does not receive or transmit signal due to IAP congestion, the other is weak and cannot transmit/receive at rates much better than a bad telephone dial-up connection. The copper link, basically a more sensitive telephone line carrier, broke down, apparently stolen.
With this huge deterioration of communications ability being reduced to almost nothing, bar the poor performance of one WiMax link, the company started suffering from what would appear abnormally high, in fact impossible, usage figures.
In January the company exceeded its 1,750MB of usage, despite poor communications, and managed to clock up a massive 31GB of usage outside peak hours. Clearly, someone else is using the company's free usage facility. The prejudice is to the ISP, not the company.
Would it be possible to 'steal' bandwidth by emulating the client company's IP Addresses (and other setting), as a guess, even though the offender subscribes to a different ISP with a different ASP carrier. Is this possible? How is it done? If that were possible then everyone's bandwidth could be stolen because IP addresses are public.
It seems the only way to do this is to set up a Linux server being configured with the victim company's allocated IP address. This way the ISP actually believes that the incoming usage should be clocked up to the company, rather than the thief. Possible or mythical...? Is this why the WiMax link appears so clogged up?
With a passion as warm as the rising African Sun
Andrew Blogs at South of the Africa Equator
Twitter: @zimbandrew - find me, follow me
LinkedIn: Andrew Field - link up there too