On a side note, I've found another use for Freenet as a system stress test. Unlike most applications, with Freenet you can really see a differences when you change your system configuration. If you have bad memory, Freenet will find it. If you have slow disk access, Freenet will really show you how slow it is. That new 2.6Ghz processor, Freenet will eat it up and ask for dessert. If your router is crap, Freenet will zero in on that weak spot.
p.s. Sorry for the double post. I'll blame that on my router too.
Salah Coronya wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Roger Hayter wrote:
In message <[EMAIL PROTECTED]>, [EMAIL PROTECTED] writes
For a long time I've received what looks like SYN floods and SMURF attacks to my port associated with Freenet. I've assumed that it's a fault of my firewall or PC, but what's weird is that the port of the "offending" IP increments. I thought that the port that Freenet uses was fixed being that it was defined in the .conf file.
Excuse my display of ignorance, but could someone please explain why the far ends port would need to change?
Example
Time: 05/31/2004, 04:21:52 Message: Smurf Source: 133.205.255.225, 1905
Time: 05/31/2004, 04:25:38 Message: Smurf Source: 133.205.255.225, 2600
Etc.
Most likely this is an attempt by a Freenet node on 133.205.255.225 to connect to your Freenet external port, which is fixed, but is being prevented by your firewall. It tries again and chooses the next available source port. It has to use a new source port so it can tell the difference between the present connection and previous ones, should a packet return. The return packet will be from your Freenet fixed port, and to the arbitrary source port on the remote machine, 133.205.255.225. This is normal. Can you tell your firewall to ignore connections to your Freenet port? I think it may well be identifying Freenet packets as smurf attacks - what does anyone else think?
If this is from a SOHO broadband router - especially a D-Link router, they should likely be disregarded, as the DoS detection in there doesn't usually work and it KNOWN to be broken in D-Link's firmware.
There was a version of Freenet, 5023 IIRC, that accidently DID launch a sort of "syn flood" as it would try to reconnect relentlessly.
In general, most SOHO router simply cannot handle the kind of traffic Freenet generates, and it confuses it with a DoS attack. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAu7YxhctESbvQ8ZwRAlhbAJ9Xn5orQIPwNhtdaONP5Ha7vHuNnACfSODp 2eiFYi1hJm8YNcVQSuVA+5o= =okvI -----END PGP SIGNATURE----- _______________________________________________ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
_______________________________________________ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]