Dealing with P2P DDoS
Wednesday, January 14, 2009 5:09:59 PM
Peer-to-peer networks are by their very nature trusting. One example is Direct Connect hubs, which can send a command such as this to all connected users:
$ConnectToMe 10.22.33.44:56789
A client receiving this message will then connect to that host and port using TCP. However, that host may not want the connection, and it risks getting thousands of connection requests per minute from weird peer-to-peer-speaking clients. From the client's perspective, it is merely being asked to set up a connection by another user whom it does not know.
In the Direct Connect community we have already seen examples of web servers being shut down due to this type of distributed denial-of-service attack. The attacks have been going on for days, weeks and even months in some cases. The problem is, how do we deal with this type of problem?
I have suggested a backward compatible extension to the NMDC and ADC protocols that will at least identify which hub(s) are behind the attacks. Read more about that here.
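Separately from the extension mentioned above, a client can limit its own share of such a flood by throttling how often it honours connection requests to the same host and port, and by counting which hub keeps sending them. The Python below is an added example, not code from this post or from any Direct Connect client; `ConnectToMeGuard`, `parse_connect_to_me`, the hub labels and the thresholds are assumptions, and the parser accepts both the short form shown above and the full NMDC form with a nick and trailing `|`.

```python
import ipaddress
import time
from collections import Counter, defaultdict, deque


def parse_connect_to_me(message):
    """Return (ip, port) from a $ConnectToMe line, or None if malformed."""
    parts = message.strip().rstrip("|").split()
    if len(parts) < 2 or parts[0] != "$ConnectToMe":
        return None
    host, _, port = parts[-1].rpartition(":")
    try:
        ip, port = ipaddress.ip_address(host), int(port)
    except ValueError:
        return None  # hostnames and garbage are rejected, only literal IPs pass
    return (str(ip), port) if 0 < port < 65536 else None


class ConnectToMeGuard:
    """Hypothetical client-side throttle for hub-relayed connection requests."""

    def __init__(self, max_per_target=3, window=60.0, clock=time.monotonic):
        self.max_per_target = max_per_target  # assumed policy value
        self.window = window                  # seconds, assumed policy value
        self.clock = clock                    # injectable so the logic can be tested
        self.honoured = defaultdict(deque)    # (ip, port) -> timestamps
        self.refused_by_hub = Counter()       # hub label -> refused requests

    def allow(self, hub, message):
        """True if the client should open the requested TCP connection."""
        target = parse_connect_to_me(message)
        if target is None:
            self.refused_by_hub[hub] += 1
            return False
        now = self.clock()
        stamps = self.honoured[target]
        while stamps and now - stamps[0] > self.window:
            stamps.popleft()                  # forget requests outside the window
        if len(stamps) >= self.max_per_target:
            self.refused_by_hub[hub] += 1     # evidence of which hub keeps asking
            return False
        stamps.append(now)
        return True
```

This only caps one client's contribution; the target still sees traffic from every other client on the hub, which is why identifying the hub matters.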
