On Mon, Oct 8, 2012 at 4:18 PM, Matthieu Rakotojaona < [email protected]> wrote:
> On Mon, Oct 8, 2012 at 9:31 AM, Roman <[email protected]> wrote: > > The attacked could fetch the content from the victim directly without > > involving public hubs. As long as each publish request to a hub > translates > > to one fetch request, the attacker isn't gaining anything by using the > hubs. > > > > Roman. > > I wasn't talking about any intrusion or content fetch, just a large > number of connections arriving at the same time on one host and > crashing it under the load. > > Doesn't this require the attacker to open a large number of connections to hubs at the same time? If he's able to do that, what's preventing him from sending the fetch requests directly to the victim bypassing the hubs? Roman.
