Does anyone notices that the current version of eMule/aMule Using Kademlia may mitigate the Sybil Attack! The rules for adding new contacts: ============================== ================================================= ------ From aMule 2.2.1/eMule0.49a
- Kad will now enforce certain limits when adding new contacts to the routing table: No more than 1 KadNode per IP, 2 similar KadNodes (same bin) from a /24 network and at a maximum 10 different KadNodes from a /24 network are allowed. This is supposed to make routing attacks against Kad more difficult and resource-intensive. ------ From aMule 2.2.2/eMule0.49b - Kad now ignores multiple IDs pointing to one IP in routing request answer - Kad contacts will only be able to update themself in others routing tables if they provide the proper key (supported by 0.49a+ nodes) in order to make it impossible to hijack them - Kad uses now a three-way-handshake (or for older version a similar check) for new contacts, making sure they do not use a spoofed IP - Unverified contacts are not used for routing table ===================================================================================== Any ideas? -Yunzhao
_______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
