On Friday 15 February 2008 15:20, Michael Rogers wrote: > On Feb 15 2008, Matthew Toseland wrote: > > Hmm, so what you're saying is that if we reject a request because of > > overload we should NOT remember that peer and offer them the data. Fair > > point. Fixed in trunk 17940. > > That's not what I'm saying. I'm saying that a peer can overflow the ULPR > table without being throttled because it only requires 3 requests per > second of a few hundred bytes each. By doing so, the attacker can fragment > the ULPR trees of other nodes' requests. The attack doesn't require much > bandwidth, so an attacker with a fast connection can attack several hundred > opennet peers at once.
It is limited by his ability to have his requests accepted. Unless the network is idle it's likely that each node he tries to spam has all its peers sending requests to it too, so most of his requests won't be accepted. With any more substantial load management algorithm (e.g. token passing) the situation is even worse for the attacker. No? > > Cheers, > Michael -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20080215/3347fce9/attachment.pgp>
