Actual Attacks
For a theoretical discussion of what is possible, see here. This page lists actual hostile attacks which we are reasonably confident have occurred, against the network or against our infrastructure.
Ages ago: China's Golden Shield has blocked our website since time immemorial, along with any other site containing the term "freenet". There are many meanings of "freenet", and it seems all of them are bad from their perspective. This includes both keyword blocking and DNS poisoning (dyndns IPs are also scrambled, which affects some of our users).
August 2005: Link layer: Testing shows the Golden Shield blocks Freenet 0.5 outgoing connections (this is not NAT, we could connect, but the connections got killed when they sent the 0.5 session bytes). If we told you more, we'd have to kill you. :)
Most of 2007: Frost: Spam on various boards. Anonymous floods, signed floods, Message of Death attacks (some zeroday i.e. discovered by spammer), duplicating real messages on different boards, most recently an ALICE bot answering every post not its own. Strangely enough he isn't attempting to flood the boards: his attack does however make life extremely difficult for newbies. Oldies can just turn off CHECK and only see messages from their friends and which their friends have replied to. The strategic effect is to choke off the flow of newbies into Frost, without making it such an urgent issue that it is immediately dealt with.
21 August 2007: Infrastructure: Email server: DoS/subscribe random addresses
22 December 2007: Infrastructure: the website has been compromized
Late 2007 onwards: Ongoing DoS on Frost. Not only the ALICE bot, but also flooding most boards with large numbers of bogus, unparseable, invisible messages (around 30k-60k messages per week). Wildly successful: FMS is very hard to set up, since it requires both a web browser for setup and an NNTP newsreader for posting messages. It also requires you to do a large number of CAPTCHAs at the beginning (apparently unavoidable, although there are serious worries over the long term viability of captchas), and setting trusts can't be done from within the chat interface (except maybe with a plugin, or automatically on message replies). Hopefully the java version of FMS, a plugin with a web and FCP interface, based on the Web of Trust plugin, will solve this problem once and for all.
Unclear (2007/2008): Emu's SVN server was DoS'ed according to nextgens. This precipitated the decision to make the SVN repository private (developer only even for read access, since you can DoS a SVN repo with read access fairly easily), and use a googlecode mirror for anonymous access. Unfortunately, syncing updates to googlecode broke for several months due to a bug on their end relating to large binary files...
31 Jan 2009: Somebody spamming at least 3 small to medium sized IRC networks, with advertising apparently for us. Address is not a tor node, so an abuse mail is being sent by one of the network's operators... This is probably by the same idiot who forced us to auto-quiet Tor users on #freenet some time back via notice spam..
