Hi, On Sun, 31 Aug 2003 23:39:16 -0400 "Richard Ahlquist" <[EMAIL PROTECTED]> wrote:
> This is similar to something I suggested on /. the other day though I must > confess you have put far more thought into it than I have. A P2P distributed > blacklist could defeat the DDOS attacks centralized servers are subject to. See the thread "Thoughts on DNSBL distribution via CVS" on the spamtools mailing list (info at http://www.abuse.net/spamtools.html) for more interesting proposals. rsync is also another interesting means of distributing DNSBL information, but it only addresses bandwidth issues, not diffusing legal and technical vulnerability. > The only gotchyas are how to maintain it. Who decides who is on it and when > they come off. A distributed reporting into the list file may work. In order > to do lookups in the list require that folks peer sharing at least 2-5 > outbound connects? Balancing anonymity and trust is difficult but systems like Razor are doing that now with some degree of success. It's an important area that's actively researched. Justin forwarded this link on DRBL's voting mechanism. http://www.drbl.croco.net/eng/faq.html Very interesting. Their other faults nonwithstanding, the lesson to be learned from Osirusoft, SPEWS, ORBZ, and ORBS are to eliminate centralized components to the greatest degree possible. > All I can hope is a developer who know what they are doing finds some merit > in a idea like this. I wish I had the time and competence for a project like this. I couldn't find the time to help with mass-check runs for SA 2.6x :/ -- Bob ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
