> On 06/19/2012 04:10 PM, Matthew Toseland wrote:
> > However, DoS protection should be a little stronger than has been
> > discussed: You should limit the average number of probes on a
> > given link per unit time, like we do with swapping. This should
> > probably be an average, and should be generous enough that it isn't
> > going to be violated by accident, but it's preferable to having a
> > limit on in-flight probes, as it will quench any flood more or less
> > at source, and the attacker will be limited by the number of
> > connections he has (at least on darknet, connections are
> > expensive).
>
> The number of probes accepted per peer is limited with a counter which
> increments when a request is accepted, decrements 60 seconds later,
> and has a maximum (currently 10) above which no more requests are
> accepted from that peer. Is my understanding correct that this is an
> acceptable way to implement per-link limits?
>
You can also use probes to detect DoS (or plain old bugs in the probe
implementation) if probes report back

1. the average number of outstanding probes across all peer nodes
2. the count or fraction of nodes which are at the maximum 10.

That information can be used for all kinds of other research as well.
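
The per-peer counter described in the quoted text, together with the two figures suggested in the reply, as an added example that is not part of the original message and is not Freenet's code. The class and function names are hypothetical, "outstanding probes" is assumed to mean the per-peer counter value, the figures are computed locally on one node, and the traffic in `simulate()` is constructed.

```python
import heapq
from collections import defaultdict

WINDOW_SECONDS = 60  # from the thread: the counter decrements 60 seconds after an accept
MAX_PER_PEER = 10    # from the thread: the current per-peer maximum

class ProbeLimiter:
    """Per-peer accept counter (hypothetical names, not Freenet's implementation)."""

    def __init__(self, window=WINDOW_SECONDS, maximum=MAX_PER_PEER):
        self.window = window
        self.maximum = maximum
        self.counts = defaultdict(int)  # peer -> accepted probes not yet expired
        self.expiry = []                # min-heap of (expire_time, peer)

    def _expire(self, now):
        # Apply every scheduled decrement that has come due.
        while self.expiry and self.expiry[0][0] <= now:
            _, peer = heapq.heappop(self.expiry)
            self.counts[peer] -= 1

    def accept(self, peer, now):
        """Count the probe and return True, or return False if the peer is at the maximum."""
        self._expire(now)
        if self.counts[peer] >= self.maximum:
            return False
        self.counts[peer] += 1
        heapq.heappush(self.expiry, (now + self.window, peer))
        return True

    def stats(self, peers, now):
        """Average counter value across peers, and how many peers sit at the maximum."""
        self._expire(now)
        at_max = sum(1 for p in peers if self.counts[p] >= self.maximum)
        average = sum(self.counts[p] for p in peers) / len(peers)
        return {"average": average, "at_max": at_max,
                "fraction_at_max": at_max / len(peers)}

def simulate():
    """Constructed scenario: three quiet peers and one peer sending a probe every second."""
    peers = ["flooder", "a", "b", "c"]
    lim = ProbeLimiter()
    for p in ("a", "b", "c"):
        lim.accept(p, 0)                                          # one probe each at t=0
    accepted = sum(lim.accept("flooder", t) for t in range(30))   # 30 attempts, t=0..29
    during = lim.stats(peers, 30)  # flooder pinned at the maximum
    after = lim.stats(peers, 65)   # decrements from t=60 onward are draining the counter
    return accepted, during, after
```

A peer that is repeatedly at the maximum shows up in `at_max` long before it affects the average, which is why reporting both figures is useful for spotting a flood or a probe bug.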