Mike Hearn [ARCHIVE] on Nostr: 📅 Original date posted:2011-09-15 🗒️ Summary of this message: The debate is ...
📅 Original date posted:2011-09-15
🗒️ Summary of this message: The debate is whether response messages should be given to potential attackers, as it may provide another attack vector, or to the sender for better debugging.
📝 Original message:> If I think you're trying to DoS me, why would I be nice to you?
The issue is, what if I'm not trying to DoS you, but something went wrong?
> think response messages would just give an attacker another potential
> attack vector, and it is clear from the debug.log what triggers a ban.
Only clear to the node owner. Not the sender, who may in a better
position to debug.
It's pretty common for protocols to return useful errors even in DoS
conditions. Eg, http servers will often return 503 Service Unavailable
in overload conditions. Google actually sends a redirect telling you
why you got blocked.
🗒️ Summary of this message: The debate is whether response messages should be given to potential attackers, as it may provide another attack vector, or to the sender for better debugging.
📝 Original message:> If I think you're trying to DoS me, why would I be nice to you?
The issue is, what if I'm not trying to DoS you, but something went wrong?
> think response messages would just give an attacker another potential
> attack vector, and it is clear from the debug.log what triggers a ban.
Only clear to the node owner. Not the sender, who may in a better
position to debug.
It's pretty common for protocols to return useful errors even in DoS
conditions. Eg, http servers will often return 503 Service Unavailable
in overload conditions. Google actually sends a redirect telling you
why you got blocked.