Cryptographic puzzles are used to slow down an attack, by stopping the
attacker from flooding the servers. It will not stop him from flooding the
network, but usually that is a rather hard task if he can not establish a
connection with the servers.
On Sat, Sep 7, 2019 at 1:57 PM Alex Monk <krenair(a)gmail.com> wrote:
I was under the (possibly mistaken) impression that
the attacker was just
flooding the network with traffic?
On Sat, 7 Sep 2019, 12:25 John Erling Blad, <jeblad(a)gmail.com> wrote:
There are several papers about how to stop DDoS
by using cryptographic
puzzles.[1] The core idea is to give the abuser some algorithmic work he
has to solve, thereby forcing him to waste processing power, and then to
slow him down to a manageable level.[2] That only work if you are the
target, and not some intermediary are targeted.
Could it be a solution for the WMF servers?
[1]
http://d-scholarship.pitt.edu/24944/1/mehmud_abliz_dissertation.pdf
(just a random pick)
[2]
https://searchsecurity.techtarget.com/answer/TLS-protocol-Can-a-client-puzz…
(about
TLS, but can also be done at the application level)
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l