Re: [Pan-users] Countering BOT attacks.

[Duncan]

On Wed 16 Apr 2003 23:41, Alen Williams posted as excerpted below:
> From a recent usenet posting:
>
> Some nimrod (possibly an agent of the MPAA) instituted a
> "bot attack" which placed a "new" segment into many or most of the RAR
> files. Most newsreaders will assemble a multipart file by using the
> most recent of the individual segments when there are two or more of
> the same header information -- thus, your quandary.
>
> Apparently the writers of Xnews made
> a very small change and countered this. Is this possible in Pan? To have
> an option to use the FIRST segment if it finds two with the same
> headers?

I don't know what this had to do with the post of mine on send-later oddness 
it is a reply to, but...

While I don't personally do a lot of multi-parters, I too believe some counter 
to this attack is needed.  I see the comments about it in the my ISP groups 
all the time.  IMO, for PAN *NOT* to have this ability would be like it not 
doing yEnc, as far as binary groups are concerned.

However, the original behavior was there for a purpose -- if a part gets 
scrambled in original transmission, many posting agents will repost it 
automatically.  Taking the earliest part kills self-healing binaries based on 
that.  

IMO, when there are more than one of a single part, if it's yEnc with the 
checksumming enabled, PAN should be able to try the first, and if it doesn't 
match sum, try others.  If checksumming is not available for whatever reason, 
offer the user a choice, probably with the first one as default.  If they try 
the resulting binary and it doesn't work, they can go back and try it again, 
with a different choice, when offered.

-- 
Duncan
"They that can give up essential liberty to obtain a little
temporary safety, deserve neither liberty nor safety." --
Benjamin Franklin