Quote:
Originally posted by Vinnie
Gwebcache is pretty darn cool, I must admit. |
Thanks, good thing I came up with it when I did, we really need it now and more anon features.
Quote:
However, I was never fully comfortable with the idea that the IP address are not tested to make sure they can accept incoming connections.
I also feel that even Gwebcache is vulnerable to attacks, although the attacks will not be completely effective at blocking access to the network, they can cause connection establishment to take longer. |
A little at a time, some of the security concerns have been addressed for the more basic attacks, and there are over 190 GWebCache servers running now so it is much better than the few dedicated "connect1.gxxx" we had before.
The IP addresses given on the system are mostly ultrapeers and are checked in a way since posting them from different IP sources will keep them around, otherwise they drop off. You can't just keep posting wild IP numbers to them from a single IP source either. If you had a bank of IP numbers available to you, you might be able to cause a little glitch in the system, but it would recover quickly and a lot of people would know who you are very fast.
GWebCache never would have happened if it wasn't for Open Source and many peoples' contributions.
Kudos also to ZeRO-G who picked this up and ran with it like a mad man on a wild mission when no one else paid any attention.
Some of the history and security concerns can be found here:
http://216.74.73.125/~c0re/gnuforum/...play.php?fid=7