Comment 11 for bug 316096

Jan Vidar Krey (janvidar) wrote :

I agree, the ADC part of this is the part that worries me.
The NMDC part is actually the most straightforward change as such. Jonny has already implemented it in peeraware (that was fast!).

For instance uHub will disconnect any client that does not report HSUP [AD|RM][xxxx] where xxxx is not exactly 4 bytes alphanumeric, although that is a hub.
Alternatively, this can be done using a forced STA message.

Example:
CSUP ADBASE
CSTA 000 RFadc[s]://hub.example.com

Perhaps more elegant?

> In general, once a hub has been identified as spammer, what then?

That's out of band and out of scope. If you are attacked for days, weeks or months, then you contact the ISP of the attacker, or contact the relevant authorities.
The irony is also that hublists have been attacked systematically so far, it would be possible as a next step to remove them from hublists so that users do not join these hubs. Going even further, it is also possible to implement client based block lists, which are updated regularly without updating the client software. But, those are just future possibilities and way out of scope for this particular change...

> What about referer spoofing?

In any case, the address can give the attacked party information about who is behind. Likely the attacked party can verify this information by following the trail there to confirm the information, by for instance joining, and checking if the hub allows spoofed CTMs. A DDoS hub is likely large and open in order to be effective (that's just speculation, though).

Spoofing the referer itself would require a rogue client. In order to pull off an attack of the magnitude we have seen recently one would need thousands of these rogue clients connecting from different IPs using spoofed referers. While we are at it and someone actually has this type of capability, they can easily perform far more effective DDoS using other mechanisms than talking ADC/NMDC to webservers. Unless the idea is to blame an unsuspecting hub, but that information still should be verifiable like described above...
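As an added illustration of the two hub-side checks mentioned in the comment above (this is not code from the comment, from uHub or from peeraware), the following Python sketch rejects a client whose SUP parameters are not of the form AD/RM plus exactly four alphanumeric bytes, and pulls the RF referrer value out of a STA message so the attacked party has an address to follow up on. The sample lines are constructed; the ADC parameter escaping (\s, \n, \\) follows the protocol's convention, and the assumption that the RF named parameter may appear anywhere after the status code is made so that the abbreviated form in the comment is accepted too.

```python
import re

# Feature token as sent in SUP: "AD" (add) or "RM" (remove) followed by exactly
# four alphanumeric bytes, e.g. "ADBASE".  Anything else is malformed.
FEATURE_RE = re.compile(r"^(AD|RM)([A-Za-z0-9]{4})$")
STATUS_CODE_RE = re.compile(r"^[0-9]{3}$")


def adc_unescape(token):
    """Undo ADC parameter escaping: \\s -> space, \\n -> newline, \\\\ -> backslash."""
    out, i = [], 0
    while i < len(token):
        if token[i] == "\\" and i + 1 < len(token):
            out.append({"s": " ", "n": "\n", "\\": "\\"}.get(token[i + 1], token[i + 1]))
            i += 2
        else:
            out.append(token[i])
            i += 1
    return "".join(out)


def parse_line(line):
    """Split one ADC line into (message type, command, list of parameters)."""
    tokens = line.rstrip("\n").split(" ")
    header = tokens[0]
    if len(header) != 4 or not header.isalpha():
        raise ValueError("malformed ADC header: %r" % header)
    return header[0], header[1:], [adc_unescape(t) for t in tokens[1:]]


def sup_is_well_formed(params):
    """True iff every SUP parameter is a feature token of the form AD/RM + 4 alphanumerics."""
    return bool(params) and all(FEATURE_RE.match(p) for p in params)


def sta_referrer(params):
    """Return the RF (referrer) value of a STA message, or None if absent.

    params[0] must be the three-digit status code.  Assumption for this sketch:
    any later token starting with "RF" carries the referrer, which also accepts
    the abbreviated "CSTA 000 RF..." form quoted in the comment.
    """
    if not params or not STATUS_CODE_RE.match(params[0]):
        raise ValueError("STA without a 3-digit status code")
    for p in params[1:]:
        if p.startswith("RF"):
            return p[2:]
    return None


def hub_decision(line):
    """Hub-side policy for one client line: 'disconnect' on malformed SUP, else 'accept'."""
    _, command, params = parse_line(line)
    if command == "SUP" and not sup_is_well_formed(params):
        return "disconnect"
    return "accept"


# Constructed sample traffic (not captured from any real hub or client).
SAMPLE_LINES = [
    "HSUP ADBASE ADTIGR",   # well-formed client handshake
    "HSUP ADBAS",           # feature name too short
    "HSUP XXBASE",          # unknown prefix
    "HSUP ADBASE0",         # five characters after AD
]

if __name__ == "__main__":
    for sample in SAMPLE_LINES:
        print(sample, "->", hub_decision(sample))
    _, _, sta_params = parse_line("CSTA 000 RFadcs://hub.example.com:1511")
    print("referrer:", sta_referrer(sta_params))
```

The referrer extracted this way is only a lead, as the comment says: a hub operator or the attacked site would still verify it by visiting the address rather than trusting the string on its own.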