linuxdcpp-team team mailing list archive
-
linuxdcpp-team team
-
Mailing list archive
-
Message #09181
[Bug 2019497] Re: Handling of CTM/search DDoS triggered by a malicious hub
Thanks for reporting and for the through fix!
I can confirm that, at the time of reporting, a short stay on that hub with DC++ indeed caused immense system resource consumption.
To be investigated how to adapt / apply the fix.
** Changed in: dcplusplus
Status: New => Confirmed
--
You received this bug notification because you are a member of
Dcplusplus-team, which is subscribed to DC++.
https://bugs.launchpad.net/bugs/2019497
Title:
Handling of CTM/search DDoS triggered by a malicious hub
Status in AirDC++:
Fix Released
Status in DC++:
Confirmed
Bug description:
I've received a few weird crash reports that are both linked to a
specific hub (favorite-hub.net):
https://github.com/airdcpp-web/airdcpp-webclient/issues/450
https://github.com/airdcpp/airdcpp-windows/issues/63
While inspecting the issue more closely, I noticed that the client
receives about 300 search/CTM requests per second from the hub,
similar to these:
$Search 82.146.38.183:80 F?F?0?1?t
$ConnectToMe maksis 82.146.38.183:443
$Search 82.146.38.183:443 F?F?0?1?p
$ConnectToMe maksis 82.146.38.183:80
$Search 82.146.38.183:80 F?F?0?1?t
$ConnectToMe maksis 82.146.38.183:443
$Search 82.146.38.183:443 F?F?0?1?p
$ConnectToMe maksis 82.146.38.183:80
$Search 82.146.38.183:80 F?F?0?1?t
$ConnectToMe maksis 82.146.38.183:443
Looks like this has been going on for years already and the client is
unable to even report it in a meaningful way. DC++ shows a few status
messages about search spam but that doesn't really reveal the full
extent of the problem as the aim of the hub is clearly to consume all
possible system resources from its users.
To manage notifications about this bug go to:
https://bugs.launchpad.net/airdcpp/+bug/2019497/+subscriptions
References
