On Mon, Sep 22, 2003 at 03:02:42PM -0700, Ian Clarke wrote:
> On Mon, Sep 22, 2003 at 10:41:04PM +0100, Toad wrote:
> > From time to time, reimplementing TCP, or using UDP, has been suggested
> > for Freenet. I will now show that Freenet's future security requires it.
> > An attacker who can observe the traffic to and from a node, and who can
> > introduce a tiny amount of traffic, can close any TCP connection between
> > the node and the rest of the network, with virtually no effort, and
> > perhaps using spoofed packets. Thus, the ability to surveil a Freenet
> > node and spoof a tiny number of packets equates to the ability to
> > destroy the node in question.
> >
>
> Why is this crazytalk?
>
> Firstly, a DoS attack on a known Freenet node is always going to be
> possible because a DoS attack on any given IP address, irrespective of
> what services it is running, is within the capability of the average 12
> year old script kiddie.

Wrong. Total bullshit. A 12 year old kiddie can DoS an address IF HE HAS
OR CAN ACQUIRE MORE BANDWIDTH THAN THE TARGET. Otherwise the internet
would have been completely destroyed aeons ago.

>
> An attacker with the ability to monitor a node's communications will
> presumably have the ability to just cut off that node's internet
> connection too - they wouldn't even need to bother with the attack you
> describe.

Perhaps, perhaps not.

>
> Ian.
>
> --
> Ian Clarke [EMAIL PROTECTED]
> Coordinator, The Freenet Project http://freenetproject.org/
> Weblog http://slashdot.org/~sanity/journal

--
Matthew J Toseland - [EMAIL PROTECTED]
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
_______________________________________________
Devl mailing list
[EMAIL PROTECTED]
http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
