>> I have a better attack. You are targetting a >> particular area of the >> keyspace. Request a long stream of random keys very >> close to the target >> key. They will all DNF, and reduce the pDNF in that >> area of each node >> the node routes the request to, until the estimator is >> so low that it >> tries a different node. Keep on requesting and you can >> effectively >> eliminate the node's ability to route requests in that >> region... I have >> no idea how to fight this attack :(. Anyone have any >> reason why it >> wouldn't work? > >Maybe pDNF needs to be smarter? How about using a table to track pDNF per >requesting node and using the table of pDNFs to calculate a final pDNF? That >should keep an individual node's insanity from impacting routing too much. If >you make the table of nodes that you are tracking pDNF for a finite length, you >can help limit an attack where the bad node constantly changes identities to >poison the pDNF table. Of course, that depends on how you expire nodes from the >pDNF table.... which I haven't fully thought through yet... > >...If you just just implement the table as a fifo, as long as the node under >attack is getting requests from nodes other than the attacker, the attacker >shouldn't be able to poison the node too much. And once the attack on that node >stops, the node should recover decently quick. > >This is where I usually second guess whether I should send this because I don't >understand NGR completely and may make myself look stupid. And then I click >'send' anyway.
you assume that the attack is coming only from *one* node and this node floods your node with bad requests. this contradicts with premix-routing as there the original requester is requesting through one or more of every nodes in it's routing table so your proposal will not work anymore _______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
