mikeiscool wrote:
Could this sort of system be something that is implemented way before
a HTTP connection even starts?
Say, implemented by OS vendors or API vendors of sockets. That is to
say, when you open a socket connection for the first time, for certain
protocols, you need to pay this fee.
On Tue, 15 Aug 2006, Bill Stewart wrote:
Crypto is usually about economics and scalability.
If you're doing this for DOS/DDOS prevention,
you don't need the NP-completeness perfection you get from
Hamiltonian paths or similar problems - SHA is fine,
or any other hash that's quick to verify and
IMHO, an interesting read:
tapir.cs.ucl.ac.uk/bittau-wep.pdf
The Final Nail in WEP’s Coffin
Bittau, A. Handley, M. Lackey, J.
University College London;
This paper appears in: Security and Privacy, 2006 IEEE Symposium on
Publication Date: 21-24 May 2006
On page(s): 386- 400
Authors
--
alan wrote:
But if the packets are forged, wouldn't that turn it
into a different kind of DOS?
If I can get you to blacklist Alice by sending n
forged attack packages, then my DOS succeeded, if my
goal is to deny a connection between you and Alice.
The goals is usually to shut down
--
Anne Lynn Wheeler wrote:
as an aside, i've pointed out before that in the
mid-90s that as webserver activity was increasing ...
a lot of platforms experienced severe throughput
degradation with HTTP transaction protocol use of TCP.
Most platforms had a highly inefficient session
--
Anne Lynn Wheeler wrote:
so a real SSL simplification, when the client contacts
the domain name infrastructure to do the domain name
to ip-address translation, the domain name
infrastructure can piggy-back the public key and any
necessary ssl options on the ip-address reply.
the
James A. Donald wrote:
This is obviously the right way to do it - the current
system has security and checking boundaries in the wrong
place, as well as being unnecessarily verbose.
Yet the plan never went anywhere. What happened?
There is a gap between communications that are highly
There have been a number of news articles recently about server farms
running into power crunches. NSA, as we all know, has lots of computers.
They're running into a power crunch, too, according to
http://www.baltimoresun.com/news/nationworld/bal-te.nsapower06aug06,0,5137448.story
The story