There are several papers about how to stop DDoS by using cryptographic puzzles.[1] The core idea is to give the abuser some algorithmic work he has to solve, thereby forcing him to waste processing power, and then to slow him down to a manageable level.[2] That only work if you are the target, and not some intermediary are targeted.
Could it be a solution for the WMF servers? [1] http://d-scholarship.pitt.edu/24944/1/mehmud_abliz_dissertation.pdf (just a random pick) [2] https://searchsecurity.techtarget.com/answer/TLS-protocol-Can-a-client-puzzle-improve-security (about TLS, but can also be done at the application level) _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
