[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Dchub-dev] [Bug #3096] strange search-messages
From: |
nobody |
Subject: |
[Dchub-dev] [Bug #3096] strange search-messages |
Date: |
Sun, 06 Apr 2003 04:50:01 -0400 |
=================== BUG #3096: LATEST MODIFICATIONS ==================
http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=3096&group_id=3963
Changes by: Eric PREVOTEAU <address@hidden>
Date: Sun 04/06/2003 at 10:50 (Europe/Paris)
What | Removed | Added
---------------------------------------------------------------------------
Assigned to | None | ericprev
Status | Open | Closed
------------------ Additional Follow-up Comments ----------------------------
Search queries are now analysed more carefully. In fact, it is a bug because it
is possible to make a DDoS on a computer by giving its IP in the query. All
other clients will send their reply to this IP. Now, any client sending
malformed search query is kicked.
=================== BUG #3096: FULL BUG SNAPSHOT ===================
Submitted by: hhgoth Project: DcHub: Hub software for Direct
Connect
Submitted on: Thu 04/03/2003 at 21:47
Category: None Severity: 5 - Major
Bug Group: None Resolution: None
Assigned to: ericprev Status: Closed
Release: 0.4.1_CVS Platform Version: Any
Planned Release: None Fixed Release:
Summary: strange search-messages
Original Submission: it's not a bug it's a feature ;)
...the hub is delivering strange searchrequests
e.g. active-search with localhost-ip 127.0.0.1
or searchrequests without ip-address or hub just the ':port'
as well maybe a hub-var could be helpful to block private-address-space
search-requests. It should be only needed for testing enviorments of special
purposes...
...should be blocked I think
Follow-up Comments
*******************
-------------------------------------------------------
Date: Sun 04/06/2003 at 10:50 By: ericprev
Search queries are now analysed more carefully. In fact, it is a bug because it
is possible to make a DDoS on a computer by giving its IP in the query. All
other clients will send their reply to this IP. Now, any client sending
malformed search query is kicked.
CC list is empty
No files currently attached
For detailed info, follow this link:
http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=3096&group_id=3963