View Single Post
  #19 (permalink)  
Old July 2nd, 2002
Vinnie Vinnie is offline
BearShare Developer
 
Join Date: May 25th, 2001
Posts: 163
Vinnie is flying high
Default

Quote:
Originally posted by Morgwen
And why it opens the network to more attacks, you should explain your statements!
I believe their scheme hinges on sending GGEP-ed pongs with uptime information. The idea is that higher uptime addresses will be preferred over shorter uptime, to speed the connection process.

The problem with this scheme, is that a hostile entity can flood the network with bogus GGEP-ed pongs that claim very high uptimes. If the pongs have random IP addresses, it will greatly increase the bootstrap procedure and users will leave the network (or choose a different client).

On the other hand, our "anchor heartbeat" message is digitally signed, cannot be faked, and contains the addresses of known connectible Ultrapeers whose identities are secured. Fortunately, we are making the format of this message available to everyone so that even the open source servents can benefit.

This message, and others, are detailed by me in the GDF:
http://groups.yahoo.com/group/the_gdf/message/8222

You're welcome in advance, you can thank me for pushing Gnutella forward later (maybe around BearShare 5.0.0 or 6.0.0).
Reply With Quote