Topic: KAD network attack (Read 5567 times)

lorey · « **on:** April 22, 2009, 02:16:57 PM »

Note for developers:

This person has found a way to attack the entire KAD network using only a limited amount of bandwidth.

Maybe, developers might read the case study and find a way to prevent this?

http://www-users.cs.umn.edu/~kyd/node/150

GonoszTopi · « **Reply #1 on:** April 22, 2009, 03:13:31 PM »

Quote from: GonoszTopi on April 22, 2009, 03:11:27 PM

You're jumping to conclusions.

lfroen · « **Reply #2 on:** April 22, 2009, 06:34:57 PM »

Quote from: GonoszTopi on April 22, 2009, 03:13:31 PM

Quote from: GonoszTopi on April 22, 2009, 03:11:27 PM
You're jumping to conclusions.

Did you actually read TFA?

Festor · « **Reply #3 on:** April 22, 2009, 07:01:44 PM »

Quote from: lfroen on April 22, 2009, 06:34:57 PM

Did you actually read TFA?

TFA? This?

wuischke · « **Reply #4 on:** April 22, 2009, 07:24:21 PM »

"The fucking article", it's slashdot jargon.

Anyway, both eMule and aMule developers already reacted on the paper's findings with updates to the Kademlia code.

Kry · « **Reply #5 on:** April 22, 2009, 07:25:58 PM »

Quote from: lfroen on April 22, 2009, 06:34:57 PM

Quote from: GonoszTopi on April 22, 2009, 03:13:31 PM
Quote from: GonoszTopi on April 22, 2009, 03:11:27 PM
You're jumping to conclusions.
Did you actually read TFA?

Did you actually notice the date of the article and our changelog entries? No? I didn't think so.

lfroen · « **Reply #6 on:** April 22, 2009, 09:05:06 PM »

Article is from 07-2008 which is about 9 months ago. Pretty recent, I say. Since I don't know what to look in changelog, dates on entries are not really helpful.
I you wanted to say "issue is know and been/being addressed" - why don't just say so?

Kry · « **Reply #7 on:** April 22, 2009, 09:14:29 PM »

Because you didn't know why Gonosz was saying what he was saying. If you wanted to say "Actually the article mentions several attack vectors to the Kad network, are those fixed or being addressed?" - why didn't just say so?

Because we're all pricks, lfroen. We're aaaall pricks.

GonoszTopi · « **Reply #8 on:** April 23, 2009, 10:21:05 AM »

Quote from: lfroen on April 22, 2009, 09:05:06 PM

Article is from 07-2008 which is about 9 months ago. Pretty recent, I say. Since I don't know what to look in changelog, dates on entries are not really helpful.

Issue had been addressed in eMule0.49b/aMule 2.2.2.

Quote from: Changelog

Several changes were made to Kad in order to defy routing attacks researched by University of Minnesota guys [Peng Wang, James Tyra, Eric Chan-Tin, Tyson Malchow, Denis Foo Kune, Nicholas Hopper, Yongdae Kim]

lorey · « **Reply #9 on:** April 23, 2009, 11:20:46 AM »

Quote from: Kry on April 22, 2009, 07:25:58 PM

Quote from: lfroen on April 22, 2009, 06:34:57 PM
Quote from: GonoszTopi on April 22, 2009, 03:13:31 PM
Quote from: GonoszTopi on April 22, 2009, 03:11:27 PM
You're jumping to conclusions.
Did you actually read TFA?

Did you actually notice the date of the article and our changelog entries? No? I didn't think so.

Well, yes I do actually. But this is the first line in the 2.2.4 changelog:
Plugged various memory leaks.

How can I know if this entry can refer to the article I mentioned? I don't know C++ either to check. In any case, I mentioned the article just in case you guys didn't know about it, which just by looking at some of your posts, some of you didn't.

Thanks for addressing the issues in the article promptly in aMule 2.2.2

Kry · « **Reply #10 on:** April 23, 2009, 03:25:07 PM »

You know, I wasn't even talking to you in that post.

aMule Forum

News:

Author Topic: KAD network attack (Read 5567 times)

lorey

KAD network attack

GonoszTopi

Re: KAD network attack

lfroen

Re: KAD network attack

Festor

Re: KAD network attack

wuischke

Re: KAD network attack

Kry

Re: KAD network attack

lfroen

Re: KAD network attack

Kry

Re: KAD network attack

GonoszTopi

Re: KAD network attack

lorey

Re: KAD network attack

Kry

Re: KAD network attack