blob: abfdc940bbbd1881048fc77d7af4416b1917c29e (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
# external libraries
* https://github.com/kokke/tiny-AES-c
* libmd-dev for sha1.h and sha2.h
# todo
* use ppoll
* implement BEP-0042 DHT security extension, requires crc32c library
* metadata receiving from uTorrent does not work for some unknown reason (fixed)
* uses A LOT of bandwidth, implement packet deduplication (fixed?)
* analysis: geoip for queries, get their localtime and update counter for current 15 minute period in countries time(queries) chart
# anti sybil measures:
* only get_peers when aren't any peers to test (done)
* periodic counter for packets that resets on periodic call, assert none of the following is larger than 2**14: (done)
- received queries
- sent queries
- received responses
- sent responses
* detecting sybil with buckets > 64 (done)
* disallowing IP addresses to be added into our own bucket that already exist in the routing table (done)
- currently only if IP address is the one that causes the split, this may be suboptimal
* TODO: accept every replied node into the routing table only after pinging it with a random ID, storing in t encrypted first MAXT-1 bytes of the id that it sent with packet that generated a replied(). upon receiving the reply, if the r/id and decrypted t don't match in MAXT-1 bytes, ignore the node (it's a sybil attacker).
- MAXT-1 instead of MAXT because MAXT sized ts are sent in get_peers queries
- only consider possible nodes when reading "nodes" and "nodes6" in responses when responses are verified with this strategy, I think this prevents massive data sendings because of poorly programmed sybil nodes and poorly programed travnik.
# known non-posix
* `MSG_DONTWAIT`, `SOCK_NONBLOCK`: replace with `fcntl` `O_NONBLOCK`
* `MSG_NOSIGNAL` on `sendto`: replace with `SIGPIPE` signal handler
|
