From: Gavin Andresen
To: Stefan Thomas
Date: Thu, 15 Sep 2011 10:06:37 -0400
In-Reply-To: <4E71F6D6.2090208@justmoon.de>
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] Request review: drop misbehaving peers

> Should the DoS protection auto-disable if the node has less than a minimum
> number of connections? The idea being that if our node seems to be kicking
> everybody off the roster maybe there is something wrong with the
> protections.

Darn good question. If the protection fails, would it be better for it to 'fail hard', leaving people complaining "bitcoin won't stay connected!" Or fail soft, so you at least have a couple of connections.

I think fail hard is better-- we'll immediately know about the problem, and can fix it. Fail soft makes me nervous because I think that would make it more likely a bug splits the network (and, therefore, the blockchain).

> It would be nice if the node sent a message to the banned peer with a code
> indicating the reason for the ban

If I think you're trying to DoS me, why would I be nice to you? I think response messages would just give an attacker another potential attack vector, and it is clear from the debug.log what triggers a ban.

> Should sending lots of messages that don't pass the protocol-level checksum
> test be a bannable offense? Or generally sending garbage data?

Good question. Anybody see a reason not to? How much tolerance (if any) should there be for sending garbage data (I assume the lower-level network stack almost never garbles data, is that a good assumption)?

--
--
Gavin Andresen
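
One way the checksum question above could be handled, as an added example that is not part of the original message or of the Bitcoin code: each frame is checked against the P2P header checksum (first 4 bytes of double SHA-256 of the payload), and a peer is banned only after repeated failures, with no exemption when few peers remain (fail hard). `BAN_THRESHOLD`, `BAD_CHECKSUM_PENALTY`, `PeerScores` and the other names are assumptions chosen for illustration.

```python
import hashlib
import struct

MAGIC = bytes.fromhex("f9beb4d9")   # Bitcoin mainnet message-start bytes
BAN_THRESHOLD = 100                 # assumed policy value, not from the thread
BAD_CHECKSUM_PENALTY = 10           # assumed: tolerates 9 bad frames per peer

def checksum(payload: bytes) -> bytes:
    """First 4 bytes of SHA256(SHA256(payload)), as carried in the header."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def frame(command: str, payload: bytes) -> bytes:
    """Build a wire message: magic, 12-byte command, length, checksum, payload."""
    header = MAGIC + command.encode().ljust(12, b"\0")
    return header + struct.pack("<I", len(payload)) + checksum(payload) + payload

def frame_is_valid(msg: bytes) -> bool:
    """Check magic, declared length and checksum of one complete frame."""
    if len(msg) < 24 or msg[:4] != MAGIC:
        return False
    (length,) = struct.unpack("<I", msg[16:20])
    payload = msg[24:]
    return len(payload) == length and msg[20:24] == checksum(payload)

class PeerScores:
    """Per-peer misbehaviour score; a peer is banned at BAN_THRESHOLD."""
    def __init__(self):
        self.scores = {}
        self.banned = set()

    def receive(self, peer: str, msg: bytes) -> bool:
        """Return True if the frame is accepted for processing."""
        if peer in self.banned:
            return False
        if frame_is_valid(msg):
            return True
        self.scores[peer] = self.scores.get(peer, 0) + BAD_CHECKSUM_PENALTY
        # Fail hard: the ban applies however few peers remain connected.
        if self.scores[peer] >= BAN_THRESHOLD:
            self.banned.add(peer)
        return False

if __name__ == "__main__":
    good = frame("ping", bytes(8))              # constructed sample frame
    bad = good[:-1] + bytes([good[-1] ^ 0xFF])  # same frame, last byte garbled
    peers = PeerScores()
    print([peers.receive("peer-a", bad) for _ in range(10)], peers.banned)
```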