Revision [3608]

Last edited on 2009-12-19 18:06:40 by EvanD [rv spam]
Additions:
[[CancerNodes Cancer Nodes]]
Deletions:
[[http://www.mastersthesiswriting.com/thesis.html Good Thesis Writing]]
[[Seed Nodes]]

Revision [3595]

Edited on 2009-12-16 16:22:26 by AlexHaffey [!]
Additions:
[[http://www.mastersthesiswriting.com/thesis.html Good Thesis Writing]]
Deletions:
[[CancerNodes Cancer Nodes]]

Revision [3446]

Edited on 2009-10-22 01:14:38 by BrendaPage [link added]
Additions:
[[Seed Nodes]]

Revision [3353]

Edited on 2009-09-12 20:00:31 by EvanD [see also]
Additions:
[[ActualAttacks Actual Attacks]]
[[DarknetAttacks Darknet Attacks]]
[[CancerNodes Cancer Nodes]]
Deletions:
[[ActualAttacks]]
[[DarknetAttacks]]

Revision [3352]

Edited on 2009-09-12 19:59:27 by EvanD [see also]
Additions:
====See also====
[[FreenetZeroPointSevenSecurity]]
[[ActualAttacks]]
[[DarknetAttacks]]

Revision [3260]

Edited on 2009-08-05 15:18:05 by EvanD [wording, tunnels]
Additions:
Another interesting attack is a [[KeySearchAttack global key-based search]]. Basically you assume that routing works (it does most of the time, or Freenet won't scale), and use that to calculate the set of nodes that could have made the request. Slowly you narrow down the possible areas of the network, and connect to nodes closer and closer to your target, until you have found it.
- Premix routing or [[RendezvousTunnels rendezvous tunnels]] should help a lot.
Deletions:
Another interesting attack is a [[KeySearchAttack global key-based search]]. Basically you assume that routing works (it does most of the time, or Freenet won't scale), and use that to calculate the range of locations the requesting node could have been at. Slowly you narrow down the possible areas of the network, and connect to nodes closer and closer to your target, until you have found it.
- No idea!

Revision [2383]

Edited on 2007-12-19 21:56:16 by MatthewToseland [key search attack]
Additions:
Another interesting attack is a [[KeySearchAttack global key-based search]]. Basically you assume that routing works (it does most of the time, or Freenet won't scale), and use that to calculate the range of locations the requesting node could have been at. Slowly you narrow down the possible areas of the network, and connect to nodes closer and closer to your target, until you have found it.
- No idea!

Revision [2382]

Edited on 2007-12-19 21:54:07 by MatthewToseland [delete attack that isn't possible: we don't care about what's in the store in shouldRejectRequest()]
Deletions:
One of the peer backoff reasons is "ForwardRejectedOverload". Assuming that the request would be accepted if no forward was necessary (data available in local store) it would be easy to circumvent one (or more) of the datastore scanning protections (randomly forwarding a ttl that expired; if implemented, inserting random delays when data is locally available). All you need is one or two nodes sending requests for nonexistent data to the target to overload it, then from another node perform a scan with last hop ttl on the same target. No matter how long the request took you can be almost sure that a succeeding request is from the local store.

Revision [2381]

Edited on 2007-12-19 21:49:13 by MatthewToseland [add link]
Additions:
[[OpenNet Opennet]] is insecure. We have tried to make it as secure as possible, but the basic premise of opennet is inherently less secure than [[Darknet darknet]].
Deletions:
Opennet is insecure. We have tried to make it as secure as possible, but the basic premise of opennet is inherently less secure than [[Darknet darknet]].

Revision [2266]

Edited on 2007-09-23 18:27:17 by NogaSo [Fixed the bold text, raw html won't work...]
Additions:
Most of the above attacks can be solved by changes in the rest of the node. However the basic vulnerability of harvesting **cannot** be solved, because by definition opennet is open.
Deletions:
Most of the above attacks can be solved by changes in the rest of the node. However the basic vulnerability of harvesting cannot be solved, because by definition opennet is open.

Revision [2261]

Edited on 2007-09-14 03:02:39 by DoeJohn [Add one possible method to circumvent datastore scanning protections]
Additions:
One of the peer backoff reasons is "ForwardRejectedOverload". Assuming that the request would be accepted if no forward was necessary (data available in local store) it would be easy to circumvent one (or more) of the datastore scanning protections (randomly forwarding a ttl that expired; if implemented, inserting random delays when data is locally available). All you need is one or two nodes sending requests for nonexistent data to the target to overload it, then from another node perform a scan with last hop ttl on the same target. No matter how long the request took you can be almost sure that a succeeding request is from the local store.

Revision [2253]

Edited on 2007-09-11 14:57:49 by MatthewToseland [fix link]
Additions:
First off, you can [[NodeHarvesting harvest]] opennet. This means you can block the entire network at a national firewall, or find all the nodes currently in your jurisdiction and go bust their owners. This alone is enough to make opennet unsuitable for hostile environments.
Deletions:
First off, you can [[Harvesting harvest]] opennet. This means you can block the entire network at a national firewall, or find all the nodes currently in your jurisdiction and go bust their owners. This alone is enough to make opennet unsuitable for hostile environments.

Revision [2252]

The oldest known version of this page was created on 2007-09-11 14:57:28 by MatthewToseland [Make page]
Valid XHTML 1.0 Transitional :: Valid CSS :: Powered by WikkaWiki