Quoting toad: > I have a better attack. You are targetting a > particular area of the > keyspace. Request a long stream of random keys very > close to the target > key. They will all DNF, and reduce the pDNF in that > area of each node > the node routes the request to, until the estimator is > so low that it > tries a different node. Keep on requesting and you can > effectively > eliminate the node's ability to route requests in that > region... I have > no idea how to fight this attack :(. Anyone have any > reason why it > wouldn't work?
Maybe pDNF needs to be smarter? How about using a table to track pDNF per requesting node and using the table of pDNFs to calculate a final pDNF? That should keep an individual node's insanity from impacting routing too much. If you make the table of nodes that you are tracking pDNF for a finite length, you can help limit an attack where the bad node constantly changes identities to poison the pDNF table. Of course, that depends on how you expire nodes from the pDNF table.... which I haven't fully thought through yet... ...If you just just implement the table as a fifo, as long as the node under attack is getting requests from nodes other than the attacker, the attacker shouldn't be able to poison the node too much. And once the attack on that node stops, the node should recover decently quick. This is where I usually second guess whether I should send this because I don't understand NGR completely and may make myself look stupid. And then I click 'send' anyway. j. > -- > Matthew J Toseland - [EMAIL PROTECTED] > Freenet Project Official Codemonkey - > http://freenetproject.org/ > ICTHUS - Nothing is impossible. Our Boss says so. _______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
