How to use Gnutella for EASY distributed denial of service attacks

As I understand it, when an XML search (under the LimeWire System) is recieved by a servent, the search contains the URL
of the XML schema it is using. The servent must then have a copy
of the XML schema, so if it hasn't downloaded it already, it will
download it now. Then the servent must parse the Schema, etc...

So I could initate a XML search request with the URL of the Schema being somthing like:

http://site_to_crash.com/fakeschema.xml

Then all of the thousands of servents that would recieve it would
contact that site and try to download that file. If I initate a few dozen search requests like this ( each with a different filename on the same host ) I could probably crash that site ( unless it has lots of servers )

How am I wrong?
How does Limewire's XML Search System work differently than I think it does?

This is not a bug: no such attack is possible, given the fact that LimeWire does not download schemas from the indicated URL. The URL for the schema is just a namespace (this is compliant to the W3C rules regarding XML schemas), and the namespace is always solved locally, by using a local store of the XML schemas.

You should reread the specification of XML, and you'll see that a compliant XML parser does not need to refer the XSD schema by downloading it prior to validating a XML document.

LimeWire uses the W3C-compliant "Xerces" XML parser for Java.

__________________
LimeWire is international. Help translate LimeWire to your own language.
Visit: http://www.limewire.org/translate.shtml