Matthew Toseland wrote: >> "Ultra-lightweight" could actually be a disadvantage here, because if >> the peers can easily handle that number of requests they won't throttle >> the attacker. > > No, he has to do a real request to get a ULPR subscription. Therefore it is > subject to all the normal throttling mechanisms.
But a real request can be, what, 100 bytes? 200? And the attacker only needs to send 3 per second to each peer. Cheers, Michael
