On Fri, Jan 03, 2003 at 12:19:39AM +0200, Catalin wrote:
> From what I see in the freenet.pdf document at 5.3.1 a computer sends a 
> message containing the TTL (time to live), who sent the message and the 
> recipient.
> But the default TTL is usually 15 (from what I see in the configuration 
> file) so, if a computer receives many requests from another computer 
> with TTL 15, it is very likely that the request is initiated by that 
> computer.
Yeah, known vulnerability. The worst case is if they see multiple
requests that they happen to know are all part of the same splitfile or
freesite from the same node. Shouldn't happen very often though.
> So if someone is monitoring the network, for example a member of the 
> communist party from China, they could find a list of suspect IPs and then 
> hack those IPs and search inside them to see if they have a particular 
> piece of information (someone who looks for information on Freenet is likely 
> to save it on his computer outside the Freenet cache (in the browser 
> cache for example)), and then there is trouble for that person...
> I don't know if this is possible, or if it is possible maybe it was fixed 
> since 1999, but if this scenario is possible then I suggest a very simple 
> solution: at installation the installation program writes inside the 
> config file a random default TTL number from 12 to 18 for example.
Of course this doesn't stop the above attack... might be a good idea
though. Another possibility is to tweak the HTL slightly when
originating a request (depending on the HTL - HTLs under 10 or so
probably wouldn't get much tweaking). The problem is that if you are
fetching a huge splitfile, or browsing a very large site, that the
attacker also knows about, his node may get enough requests to figure it
out even if you do tweak the HTL slightly.. and the tweaking might
actually help him. The correct solution for all this is to mixmaster the
first two (or so) hops... this discussion is more suited to
[EMAIL PROTECTED], or [EMAIL PROTECTED], than support.
> 
> Catalin
> PS: I would like more detailed information about the structure of 
> today's Freenet (0.5 or even 0.4 or 0.3). I know that I can read the 
> sources but I prefer an easier way (some documentation or something newer 
> than the 1999 pdf file) :)
The document "FNP protocol spec" in the Public Area is very detailed
(and dense!).
> 

-- 
Matthew Toseland
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Freenet/Coldstore open source hacker.
Employed full time by Freenet Project Inc. from 11/9/02 to 11/1/03
http://freenetproject.org/
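
Added example, not part of the original message or of Freenet's code: a small Bayesian model of what a neighbouring node can infer from the HTL of requests it receives, comparing a fixed default HTL with the per-request tweak discussed above. The uniform tweak, the uniform forwarding depth (`max_depth`), the one-decrement-per-hop rule and the 50% prior are assumptions made for illustration, and the observed HTL lists are constructed.

```python
from fractions import Fraction

def p_initial(htl, base, tweak):
    """P(an originator picks this initial HTL): uniform on [base-tweak, base+tweak]."""
    if base - tweak <= htl <= base + tweak:
        return Fraction(1, 2 * tweak + 1)
    return Fraction(0)

def p_seen_if_originator(h, base, tweak):
    # Neighbour originated the request: exactly one decrement before it reaches us.
    return p_initial(h + 1, base, tweak)

def p_seen_if_forwarder(h, base, tweak, max_depth):
    # Neighbour relays a request that already travelled d hops,
    # with d assumed uniform in 1..max_depth.
    total = sum(p_initial(h + 1 + d, base, tweak) for d in range(1, max_depth + 1))
    return total / max_depth

def posterior_originator(observed, base=15, tweak=0, max_depth=10,
                         prior=Fraction(1, 2)):
    """Posterior that the neighbour originated a set of requests that the
    observer already knows are linked (same splitfile or freesite)."""
    w_orig, w_fwd = prior, 1 - prior
    for h in observed:
        lo = p_seen_if_originator(h, base, tweak)
        lf = p_seen_if_forwarder(h, base, tweak, max_depth)
        if lo == 0 and lf == 0:
            continue  # HTL impossible under both hypotheses in this model
        w_orig, w_fwd = w_orig * lo, w_fwd * lf
    if w_orig + w_fwd == 0:
        raise ValueError("observations contradict both hypotheses")
    return w_orig / (w_orig + w_fwd)

if __name__ == "__main__":
    # Constructed observations: HTL values as seen by the receiving node.
    cases = [
        ("fixed default 15, one request", [14], 0),
        ("tweak +/-3, one request", [13], 3),
        ("tweak +/-3, five linked requests", [13, 12, 14, 11, 13], 3),
        ("tweak +/-3, one request near the top", [17], 3),
    ]
    for label, seen, tweak in cases:
        p = posterior_originator(seen, tweak=tweak)
        print(f"{label:40s} P(originator) = {float(p):.3f}")
```

In this model a single tweaked request is ambiguous, but five linked requests push the posterior above 0.98, and any HTL above what a forwarder could produce identifies the originator outright, which is the case for hiding the first hops rather than only randomising the HTL.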
