Opened 5 years ago

Last modified 4 years ago

#7823 needs_review defect

Rate-limit facilitator interaction

Reported by: dcf Owned by: dcf
Priority: High Milestone:
Component: Archived/Flashproxy Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: #10711 Points:
Reviewer: Sponsor:

Description

Facilitator should rate-limit registrations and retrievals by IP ranges to avoid trivially flooding or exhausting the client database.

Change History (6)

comment:1 Changed 4 years ago by aallai

There is an apache mod, mod_evasive, that does rate-limiting against general DoS attacks. It looks pretty easy to set up and configure.

http://www.zdziarski.com/blog/?page_id=442

comment:2 Changed 4 years ago by arlolra

I wrote a max-LRU data structure a few weeks ago, to be used here, but subsequently got distracted.
https://gist.github.com/arlolra/5367063

However, if mod_evasive is the way to go, I won't proceed with any more work. Please advise.

comment:3 in reply to:  1 Changed 4 years ago by dcf

Replying to aallai:

There is an apache mod, mod_evasive, that does rate-limiting against general DoS attacks. It looks pretty easy to set up and configure.

http://www.zdziarski.com/blog/?page_id=442

Thanks, this is a good idea. I added mod_evasive to the facilitator setup instructions and we'll see how it goes.

I would like rate limiting to happen not only at the CGI layer. I also want it to happen at the level of the facilitator program, which has knowledge of the current recommended proxy polling interval. If proxies are supposed to be polling every 10 minutes, it should refuse to serve proxies polling more frequently than that.

A vague plan of mine is to allow certain trusted parties to push as many registrations as they want through the CGI. This is if someone we trust sets up their own rendezvous system and they want to post their registrations to us. We should introduce authenticated registrations, where if a registration has a good signature from a trusted public key, it is not subject to rate limiting. If we use mod_evasive, we may have to maintain IP whitelists to prevent rate limiting of trusted registrants at the Apache level.
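
Added example, not part of the ticket and not code from flashproxy or from the branch linked in this thread: a sketch of the facilitator-level check described in comment 3, refusing polls from an IP range that arrive sooner than the recommended polling interval, with a size-bounded LRU table so the limiter cannot itself be exhausted. The class name, the /24 and /48 grouping and the table size are assumptions; the 600-second default mirrors the 10-minute interval mentioned above.

```python
import ipaddress
import time
from collections import OrderedDict


class PollLimiter:
    """Hypothetical limiter: at most one served poll per IP range per interval."""

    def __init__(self, poll_interval=600.0, max_entries=100000,
                 v4_prefix=24, v6_prefix=48):
        self.poll_interval = poll_interval
        self.max_entries = max_entries
        self.v4_prefix = v4_prefix  # assumed grouping for IPv4 clients
        self.v6_prefix = v6_prefix  # assumed grouping for IPv6 clients
        self.last_served = OrderedDict()  # range key -> time of last served poll

    def range_key(self, addr):
        """Map a client address to the network it is rate-limited under."""
        ip = ipaddress.ip_address(addr)
        if ip.version == 6 and ip.ipv4_mapped is not None:
            ip = ip.ipv4_mapped  # treat ::ffff:a.b.c.d as plain IPv4
        prefix = self.v4_prefix if ip.version == 4 else self.v6_prefix
        return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))

    def allow(self, addr, now=None):
        """Return True if this poll should be served, False if it is too early."""
        now = time.monotonic() if now is None else now
        key = self.range_key(addr)
        last = self.last_served.get(key)
        if last is not None and now - last < self.poll_interval:
            # Refused polls keep the entry "recent" so a busy range is not
            # the first to be evicted, but they do not extend its wait.
            self.last_served.move_to_end(key)
            return False
        self.last_served[key] = now
        self.last_served.move_to_end(key)
        # Bound memory: drop least recently seen ranges. An evicted range is
        # forgotten, so max_entries must be sized well above the expected
        # number of distinct ranges or the limit can be flushed.
        while len(self.last_served) > self.max_entries:
            self.last_served.popitem(last=False)
        return True
```
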

comment:4 Changed 4 years ago by arlolra

Status: new → needs_review

Added rate-limiting to proxy polling here:
https://github.com/arlolra/flashproxy/compare/master...7823

Comments and criticism welcome.

comment:5 Changed 4 years ago by infinity0

Parent ID: #10711

Did we merge this yet? I don't see 4e25e82 in the official flashproxy repo.

comment:6 in reply to:  5 Changed 4 years ago by dcf

Replying to infinity0:

Did we merge this yet? I don't see 4e25e82 in the official flashproxy repo.

It's not merged. I haven't reviewed it. You are welcome to take a look.
