On Wed, Dec 22, 2010 at 4:09 PM, Loic Dachary <l...@dachary.org> wrote:
> Hi, > > In an attempt to better understand how to follow the > http://www.rfc-editor.org/rfc/rfc3552.txt recommendations for "Denial of > Service Countermeasures", I looked into photuris as described in > http://tools.ietf.org/html/rfc2522 > > I found indications of a reference implementation at > http://www.citi.umich.edu/u/provos/photuris/ > but "cvs -d anon...@anoncvs.uk.openbsd.org:/cvs -z 9 get > src/sbin/photurisd" is outdated. > > Does anyone know of a better source ? > > Cheers > > Maybe you are referencing to all the techniques based on "cookies" approaches. http://en.wikipedia.org/wiki/SYN_cookies There are some papers related to the DoS protection of protocols based on UDP or "stateless" protocols. Many key exchange protocols are relying on a first cookie exchange to avoid the flooding with rogue/faked IP addresses. A paper about the topic: http://www.eecis.udel.edu/~mills/teaching/eleg867b/dos/p2-kaufman.pdf I always enjoy the term "Denial of Services Countermeasure" ;-) Hope this helps, adulau -- -- Alexandre Dulaunoy (adulau) -- http://www.foo.be/ -- http://www.foo.be/cgi-bin/wiki.pl/Diary -- "Knowledge can create problems, it is not through ignorance -- that we can solve them" Isaac Asimov _______________________________________________ p2p-hackers mailing list p2p-hackers@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers