linuxdcpp-team team mailing list archive
-
linuxdcpp-team team
-
Mailing list archive
-
Message #09180
[Bug 2019497] Re: Handling of CTM/search DDoS triggered by a malicious hub
Should be fixed in https://github.com/airdcpp/airdcpp-
windows/commit/55a50d9a720c885f59ca80ab3ad206b17e387bf4 (it also adds
flood checks for incoming TCP connections)
Looks like the hub also stopped flooding...
** Changed in: airdcpp
Status: New => Fix Released
--
You received this bug notification because you are a member of
Dcplusplus-team, which is subscribed to DC++.
https://bugs.launchpad.net/bugs/2019497
Title:
Handling of CTM/search DDoS triggered by a malicious hub
Status in AirDC++:
Fix Released
Status in DC++:
New
Bug description:
I've received a few weird crash reports that are both linked to a
specific hub (favorite-hub.net):
https://github.com/airdcpp-web/airdcpp-webclient/issues/450
https://github.com/airdcpp/airdcpp-windows/issues/63
While inspecting the issue more closely, I noticed that the client
receives about 300 search/CTM requests per second from the hub,
similar to these:
$Search 82.146.38.183:80 F?F?0?1?t
$ConnectToMe maksis 82.146.38.183:443
$Search 82.146.38.183:443 F?F?0?1?p
$ConnectToMe maksis 82.146.38.183:80
$Search 82.146.38.183:80 F?F?0?1?t
$ConnectToMe maksis 82.146.38.183:443
$Search 82.146.38.183:443 F?F?0?1?p
$ConnectToMe maksis 82.146.38.183:80
$Search 82.146.38.183:80 F?F?0?1?t
$ConnectToMe maksis 82.146.38.183:443
Looks like this has been going on for years already and the client is
unable to even report it in a meaningful way. DC++ shows a few status
messages about search spam but that doesn't really reveal the full
extent of the problem as the aim of the hub is clearly to consume all
possible system resources from its users.
To manage notifications about this bug go to:
https://bugs.launchpad.net/airdcpp/+bug/2019497/+subscriptions
References
