On Sat, Nov 02, 2002 at 05:29:58PM +0100, Robert Bihlmeyer wrote: > First, I'd like to throw in that I've been running different nodes in > a 192.168.x/24 net, and even on the same node (feeding one of them the > 127.0.0.1:portnum reference of the other). So I don't think special > casing adresses will work for all cases. I'm sure my setup is in the > minority though... > > Oskar Sandberg <oskar at freenetproject.org> writes: > > > Personally, I would prefer if we had a general strategy of fighting bad > > references that worked well enough that we didn't need to worry about > > special casing those addresses that are "obviously wrong" given TCP and > > DNS on the general Internet. > > That's obviously preferable. > > > However, I guess the real question is, how many times to we attempt to > > contact these bad references before throwing them out? If it is large, > > then a lot of time and effort is being wasted. > > Maybe we're doing it wrong then? A thread waiting for a timeout and a > number of SYN packets should be all that is being wasted. Not > something I'd lose much sleep over. I'm more concerned about somebody > maliciously feeding lots of bad references into the system. Is there > some DDoS potential here (announcing <your-victim>:80)? No, adding a new invalid reference will usually displace an old working one. > > -- > Robbe
-- Matthew Toseland toad at amphibian.dyndns.org amphibian at users.sourceforge.net Freenet/Coldstore open source hacker. Employed full time by Freenet Project Inc. from 11/9/02 to 11/11/02. http://freenetproject.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20021102/cadc4aec/attachment.pgp>
