>From my running notes on n2n.
Definite issues
- password on edge command line is a security flaw.
- superuser privileges for edge should be dropped (provide -u <uid>
option).
- MTU calculations.
- only /24 n2n networks supported.
- random seeding of twofish is too predictable for crypography.
- unmarshall + marshall for changing one bit (should pass
n2n2_packet_header and payload separately and combine in final
marshalling).
- LZO compressing to larger size is a problem if max MTU packet size
to start with.
- edge to supernode registration retry does not exist (no
REGISTER_ACK from supernode).
- supernode is vulnerable to DoS by fast registration attack.
Questions
- is private_ip used for anything?
Features to add
- SIGUSR1/SIGUSR2 to change logging verbosity
--
Rich
Get the name you always wanted with the new y7mail email address.
www.yahoo7.com.au/y7mail
_______________________________________________
Ntop-dev mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-dev
