1995-01-07 - Data Haven problems

Header Data

From: dfloyd@io.com
To: cypherpunks@toad.com
Message Hash: faf7e5ae3fa892ccfc12211f94ba16809ccce1a700ed9036524cbbf0351bf313
Message ID: <199501071710.LAA21334@pentagon.io.com>
Reply To: N/A
UTC Datetime: 1995-01-07 17:09:48 UTC
Raw Date: Sat, 7 Jan 95 09:09:48 PST

Raw message

From: dfloyd@io.com
Date: Sat, 7 Jan 95 09:09:48 PST
To: cypherpunks@toad.com
Subject: Data Haven problems
Message-ID: <199501071710.LAA21334@pentagon.io.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


While programming my data haven code, I am wondering how to guard against
spamming the data haven parser.  It is trivial to mount a denial of
service attack by repeatedly mailing large files. which will fill up the 
quota or filesystem of the data haven host, and if you have mail on a 
root partition, will cause hangs or crashes.

Any ideas on how to guard against mailbombs, and to confirm to the sender
that their files are stored successfully?  Perhaps do a mailing with
a test command that validates the existance of the file, and sends a
reply back wether the file is okay or not, or would this result in a
possible security hole?

As to the code, this will have to be my second rewrite as I am going to
do it in perl code, rather than C...  last rewrite was from a daemon to
a program activated by a .forward file.

Lastly, instead of postage (like a remailer would get), how hard would it
be to implement "rent" where if the "rent" is not paid, and a grace period
has elapsed the file would be trashed.  All this while preserving the
anonymity of the sender and the data haven site.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBLw7KpFLUeLjqSiixAQHs4wf+Mf4CVx77nXjUXug/3q1hINhCyWgWmal7
vY1WeCDXM+qrrdxUgqzIhYRYpCPKChMjeozFltn9T0CcH/YdaD5hx3dB5A0YUPWZ
SpF5oCL3iZzf2veA8BBJEIrFdmts/nFUzWaqMx4+2IcufYb+0kVw/AKi2M5B0ZiT
UoOFFIsySR9hIMMIfHlkGqrnoO8LhlViRBx4u1O0bb0GYAyc+Nv6HvDJOSWuVe9C
g5B4GMLuW1t9e5Qw3W0Qy1VRIC4QbOrd0zbjDrQ38GUemOjALuZ2h4+tr3bR93KU
ZthueqsIzGKlr90PU6AVVZd128mDHLofJO4I4IoOgSPV7XIK4tufyA==
=KZk0
-----END PGP SIGNATURE-----





Thread