Using centralized networks for flooding

Anything that doesn't fit the other categories
Post Reply
Pietry
Senior Member
Posts: 328
Joined: 04 Dec 2007, 07:25
Location: Bucharest
Contact:

Using centralized networks for flooding

Post by Pietry » 28 Dec 2008, 20:55

Recently I heard rumors about a verlihub script that is spreading around the script kiddie community in DC. The script allows the hubowner to flood a certain ip:port using his users on the hub. The script sends fake CTMs to the users to the given ip and port. I believe this is a serious problem for the DC network, as the script cannot only be done for verlihub, as for any hubsoft that supports scripting or plugins, or even by editing the software source code.
I am thinking that a centralized network is given too much power after all, no node should have such power as the hub is having, it can do whatever it wants with it's clients.
I am waiting for some feedback about this issue from the people here at ADCPortal.
Just someone

Toast

Re: Using centralized networks for flooding

Post by Toast » 28 Dec 2008, 21:47

i agree with the recent problems that has hit dchublist, adchublist, hubtracker, adcportal and a loooooong line of other sites i cant do nothing else but agree with your argument.

adrian_007
Senior Member
Posts: 126
Joined: 06 Jan 2008, 13:00

Re: Using centralized networks for flooding

Post by adrian_007 » 29 Dec 2008, 02:00

well, this is not a verlihub problem only, even nmdc vs adc... it's a price of open source... sad but true. everyone can take source code and change it whatever he wants to. instead making more secure soft ('cause it's veeeeeeeeeeery hard in os world), we should get some centralized "bigbrother" to say ppl which hub is good and which isn't (following rule: if you have nothing to hide, don't fear big brother).
of course idea of decentralized network very nice, but in real world it's not going to happen (or work anyway). there's always some nasty ppl that wants to destroy sth.

Pietry
Senior Member
Posts: 328
Joined: 04 Dec 2007, 07:25
Location: Bucharest
Contact:

Re: Using centralized networks for flooding

Post by Pietry » 29 Dec 2008, 08:28

Well this was the big problem when I asked about hublists signing hubs to mark them as "safe". Everybody cried that we were giving the hublists too much power ( in this case the hublist would becme the "big brother")
Some evil creature could get his hands of a hublist and sign bad hubs as safe, but at least its easier to manage 5-6 hublists than thousands of hubs...
Just someone

Mythrael
Junior Member
Posts: 48
Joined: 17 May 2008, 06:46

Re: Using centralized networks for flooding

Post by Mythrael » 29 Dec 2008, 11:13

as ignorant as i may be of this problem, the lesser of these evils should be the way to go, not doing anything is worse "All that is necessary for the triumph of evil is that good men do nothing."


oh, and sorry for the silly quote :D
don't mind me, I'm just lurking in the darkness..... bugger me it's scary.

adrian_007
Senior Member
Posts: 126
Joined: 06 Jan 2008, 13:00

Re: Using centralized networks for flooding

Post by adrian_007 » 29 Dec 2008, 11:27

its easier to manage 5-6 hublists than thousands of hubs
exacly.
and for existing hublists - do you say they are bad guys? i think no...

Pietry
Senior Member
Posts: 328
Joined: 04 Dec 2007, 07:25
Location: Bucharest
Contact:

Re: Using centralized networks for flooding

Post by Pietry » 29 Dec 2008, 12:43

They are not, but the problem is some evil persons are flooding the current "good people" hublists in order to get their corrupted hublist as the only one...
And because maintaining a hublist is free, these people are really sick of being flooded all the time and sometime they give away their 2 cents and stop maintaining... and that would be a success for the bad people again...
Just someone

adrian_007
Senior Member
Posts: 126
Joined: 06 Jan 2008, 13:00

Re: Using centralized networks for flooding

Post by adrian_007 » 29 Dec 2008, 15:27

so maybe validation system should go from the dc roots... (dc++ crew) ?

Pietry
Senior Member
Posts: 328
Joined: 04 Dec 2007, 07:25
Location: Bucharest
Contact:

Re: Using centralized networks for flooding

Post by Pietry » 30 Dec 2008, 13:49

The hublists that are in the DC++ client are the most safe at this time , this is my guess. Anyway DC++ never added a malevolent hublist to the client or a bad one. Hublist.org was for a long time the biggest and the best around ( the reference hublist ) and lately dchublist and hubtracker/openhublist are sharing the heads. We are returning to my initial hublist CA idea...
Perhaps make DC++ team the absolute CA that signs the hublists and the hublists signs the hubs ?
Just someone

adrian_007
Senior Member
Posts: 126
Joined: 06 Jan 2008, 13:00

Re: Using centralized networks for flooding

Post by adrian_007 » 30 Dec 2008, 22:37

sounds good for me :)

Post Reply