aMule Forum

English => en_Bugs => Topic started by: lorey on April 22, 2009, 02:16:57 PM

Title: KAD network attack
Post by: lorey on April 22, 2009, 02:16:57 PM: Note for developers:

This person has found a way to attack the entire KAD network using only a limited amount of bandwidth.

Maybe, developers might read the case study and find a way to prevent this?

http://www-users.cs.umn.edu/~kyd/node/150
Title: Re: KAD network attack
Post by: GonoszTopi on April 22, 2009, 03:13:31 PM: Quote from: GonoszTopi on April 22, 2009, 03:11:27 PM
You're jumping to conclusions.
Title: Re: KAD network attack
Post by: lfroen on April 22, 2009, 06:34:57 PM: Quote from: GonoszTopi on April 22, 2009, 03:13:31 PM
Quote from: GonoszTopi on April 22, 2009, 03:11:27 PM
You're jumping to conclusions.
Did you actually read TFA?
Title: Re: KAD network attack
Post by: Festor on April 22, 2009, 07:01:44 PM: Quote from: lfroen on April 22, 2009, 06:34:57 PM
Did you actually read TFA?

TFA? This? (http://www.teachforamerica.org)
Title: Re: KAD network attack
Post by: wuischke on April 22, 2009, 07:24:21 PM: "The fucking article", it's slashdot jargon.

Anyway, both eMule and aMule developers already reacted on the paper's findings with updates to the Kademlia code.
Title: Re: KAD network attack
Post by: Kry on April 22, 2009, 07:25:58 PM: Quote from: lfroen on April 22, 2009, 06:34:57 PM
Quote from: GonoszTopi on April 22, 2009, 03:13:31 PM
Quote from: GonoszTopi on April 22, 2009, 03:11:27 PM
You're jumping to conclusions.
Did you actually read TFA?

Did you actually notice the date of the article and our changelog entries? No? I didn't think so.
Title: Re: KAD network attack
Post by: lfroen on April 22, 2009, 09:05:06 PM: Article is from 07-2008 which is about 9 months ago. Pretty recent, I say. Since I don't know what to look in changelog, dates on entries are not really helpful.
I you wanted to say "issue is know and been/being addressed" - why don't just say so?
Title: Re: KAD network attack
Post by: Kry on April 22, 2009, 09:14:29 PM: Because you didn't know why Gonosz was saying what he was saying. If you wanted to say "Actually the article mentions several attack vectors to the Kad network, are those fixed or being addressed?" - why didn't just say so?

Because we're all pricks, lfroen. We're aaaall pricks.
Title: Re: KAD network attack
Post by: GonoszTopi on April 23, 2009, 10:21:05 AM: Quote from: lfroen on April 22, 2009, 09:05:06 PM
Article is from 07-2008 which is about 9 months ago. Pretty recent, I say. Since I don't know what to look in changelog, dates on entries are not really helpful.

Issue had been addressed in eMule0.49b/aMule 2.2.2.

Quote from: Changelog
Several changes were made to Kad in order to defy routing attacks researched by University of Minnesota guys [Peng Wang, James Tyra, Eric Chan-Tin, Tyson Malchow, Denis Foo Kune, Nicholas Hopper, Yongdae Kim]
Title: Re: KAD network attack
Post by: lorey on April 23, 2009, 11:20:46 AM: Quote from: Kry on April 22, 2009, 07:25:58 PM
Quote from: lfroen on April 22, 2009, 06:34:57 PM
Quote from: GonoszTopi on April 22, 2009, 03:13:31 PM
Quote from: GonoszTopi on April 22, 2009, 03:11:27 PM
You're jumping to conclusions.
Did you actually read TFA?

Did you actually notice the date of the article and our changelog entries? No? I didn't think so.

Well, yes I do actually. But this is the first line in the 2.2.4 changelog:
Plugged various memory leaks.

How can I know if this entry can refer to the article I mentioned? I don't know C++ either to check. In any case, I mentioned the article just in case you guys didn't know about it, which just by looking at some of your posts, some of you didn't.

Thanks for addressing the issues in the article promptly in aMule 2.2.2 :)
Title: Re: KAD network attack
Post by: Kry on April 23, 2009, 03:25:07 PM: You know, I wasn't even talking to you in that post.