On Sat, Sep 28, 2002 at 10:59:47PM -0500, Mike Barushok wrote: > On Sun, 29 Sep 2002, Samuele Giovanni Tonon wrote: > > > On Sat, Sep 28, 2002 at 05:36:06PM +0100, Dale Amon wrote: > > > I'm curious if anyone has thought about ways of blocking > > > this sort of attack before it gets to the home user? > > > http://www.the-dailyrant.com/archives/000855.html#000855 > > > > > it depends on the attack: they say they want the > > "Congress to allow them to be able to legally hack" > > > > My understanding of this, just from some online study, is > that what they are contemplating doing at this time would > be along the lines of: > > Custom client uses ... >[...]
a very "evil" attack :-) > Really, from what I have read, the way to block it > would seem to be to limit how many slow connections > the P2P software would permit. how much system does it take a socket() ? because to cirumvent this attack it'easy: avoid more than one connection from the same ip and limit not the queue but the bandwith (max_simul_download set to infinite and bandwith to what u like). so to limit you , they have to use a lot of "system load" too. another idea could be to implement in p2p software a sort of "anti very slow" user, so you start to drop connection from ppl at less than (say) 1Kbps . However it looks like that with this kind of attack there's the need to add new feature to your p2p client. > Standard disclaimers apply. IANAL. Not anyone's opinion except my > own. No warranty. Do not eat anything bigger than your head. LOL Samuele -- Samuele Giovanni Tonon <[EMAIL PROTECTED]> http://www.linuxasylum.net/~samu/ Acid -- better living through chemistry. Timothy Leary
