Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1R4Fvw-0007Pi-Jk for bitcoin-development@lists.sourceforge.net; Thu, 15 Sep 2011 17:41:08 +0000 X-ACL-Warn: Received: from mail-ey0-f175.google.com ([209.85.215.175]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1R4Fvv-0001b8-NT for bitcoin-development@lists.sourceforge.net; Thu, 15 Sep 2011 17:41:08 +0000 Received: by mail-ey0-f175.google.com with SMTP id 25so1874214eya.34 for ; Thu, 15 Sep 2011 10:41:07 -0700 (PDT) MIME-Version: 1.0 Received: by 10.14.12.140 with SMTP id 12mr511188eez.91.1316108467098; Thu, 15 Sep 2011 10:41:07 -0700 (PDT) Sender: mith@jrbobdobbs.org Received: by 10.14.96.15 with HTTP; Thu, 15 Sep 2011 10:41:06 -0700 (PDT) Received: by 10.14.96.15 with HTTP; Thu, 15 Sep 2011 10:41:06 -0700 (PDT) In-Reply-To: References: <201109142206.40455.luke@dashjr.org> <4E71F5F8.2020807@jerviss.org> <201109151136.47485.luke@dashjr.org> Date: Thu, 15 Sep 2011 12:41:06 -0500 X-Google-Sender-Auth: zb6_b45qYtn_HLRyx5zdTuZc0H8 Message-ID: From: Douglas Huff To: Gavin Andresen Content-Type: multipart/alternative; boundary=0016e6d4f643aad40504acfe61f4 X-Spam-Score: 1.0 (+) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 1.0 HTML_MESSAGE BODY: HTML included in message X-Headers-End: 1R4Fvv-0001b8-NT Cc: bitcoin-development@lists.sourceforge.net Subject: Re: [Bitcoin-development] Request review: drop misbehaving peers X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Sep 2011 17:41:08 -0000 --0016e6d4f643aad40504acfe61f4 Content-Type: text/plain; charset=ISO-8859-1 On Sep 15, 2011 11:20 AM, "Gavin Andresen" wrote: > I'm ignoring bandwidth DoS attacks-- we already have the > -maxreceivebuffer option to deal with those. I disagree with this comment. The way this is currently implemented is a mem exhaustion dos in itself waiting to happen and does nothing to prevent network flooding. --0016e6d4f643aad40504acfe61f4 Content-Type: text/html; charset=ISO-8859-1


On Sep 15, 2011 11:20 AM, "Gavin Andresen" <gavinandresen@gmail.com> wrote:
> I'm ignoring bandwidth DoS attacks-- we already have the
> -maxreceivebuffer option to deal with those.

I disagree with this comment. The way this is currently implemented is a mem exhaustion dos in itself waiting to happen and does nothing to prevent network flooding.

--0016e6d4f643aad40504acfe61f4--