<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
Hello all,<br>
please could someone clarify me what's the difference between set
senderverify to 2 or 3 ?<br>
<br>
TIA,<br>
73 Luigi IK5ZUK<br>
<br>
<br>
<div class="moz-cite-prefix">Il 17/02/2025 11:35, IZ2LSC via
Dxspider-support ha scritto:<br>
</div>
<blockquote type="cite"
cite="mid:CAJowXJAHiKd1tyMJ5NRQDZC-uHiiD4J7b4vu-Zm48fP3x3fWYQ@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div>Iain, </div>
<div>if 60% of the traffic is fake and senderverify=2 </div>
<div><br>
</div>
<div>then pc61 is dumped (discarded)</div>
<div>as per Dirk mail.</div>
<div><span style="font-size:large">If set to 1, pass it onward
to other nodes. If set to 2 and it's a PC61 then dump it. If
set to 3 then just dump it.</span></div>
<div>
<div dir="ltr" class="gmail_signature"
data-smartmail="gmail_signature"><br>
</div>
<div class="gmail_signature" data-smartmail="gmail_signature">Can
you clarify where I misunderstood ?</div>
<div class="gmail_signature" data-smartmail="gmail_signature"><br>
</div>
<div dir="ltr" class="gmail_signature"
data-smartmail="gmail_signature">--></div>
</div>
<br>
</div>
<br>
<div class="gmail_quote gmail_quote_container">
<div dir="ltr" class="gmail_attr">On Mon, Feb 17, 2025 at
11:12 AM Iain Philipps <<a
href="mailto:iain.philipps@77hz.net" moz-do-not-send="true"
class="moz-txt-link-freetext">iain.philipps@77hz.net</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div class="msg-217730492492649813">
<div lang="EN-GB">
<div class="m_-217730492492649813WordSection1">
<p class="MsoNormal"><span>Andrea,<br>
<br>
You have misunderstood. Legitimate spots are *<b>not</b>*
being discarded.<br>
<br>
Because:-> </span><span
style="color:blue;background:white">most of the
traffic sent today is very likely fake. <-<br>
<br>
</span></p>
<p class="MsoNormal"><span
style="color:blue;background:white"> </span></p>
<p class="MsoNormal"><span
style="color:blue;background:white"><br>
</span><span style="color:black;background:white">73
de WR3D</span><span><br>
<br>
<br>
</span></p>
<p class="MsoNormal"><span> </span></p>
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span
lang="EN-US"> Dxspider-support <<a
href="mailto:dxspider-support-bounces@tobit.co.uk"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">dxspider-support-bounces@tobit.co.uk</a>>
<b>On Behalf Of </b>IZ2LSC via Dxspider-support<br>
<b>Sent:</b> 17 February 2025 10:09<br>
<b>To:</b> The DXSpider Support list <<a
href="mailto:dxspider-support@tobit.co.uk"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">dxspider-support@tobit.co.uk</a>><br>
<b>Cc:</b> IZ2LSC <<a
href="mailto:iz2lsc.andrea@gmail.com"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">iz2lsc.andrea@gmail.com</a>><br>
<b>Subject:</b> Re: [Dxspider-support] Here we are
again (huge flooding)</span></p>
<p class="MsoNormal"> </p>
<div>
<div>
<p class="MsoNormal">Kin, </p>
</div>
<div>
<p class="MsoNormal">how many legitimate spots is
senderverify=2 discarding during normal
conditions?</p>
</div>
<div>
<p class="MsoNormal">I understood this is still work
in progress as from Dirk email he got 60% of spots
dropped. This is not fine:</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal"><span
style="color:blue;background:white">"</span></p>
</div>
<div>
<p class="MsoNormal"><span
style="color:blue;background:white">The result I
got for a morning's traffic (the natural result
of a grepdbg on today's log with sendverify set)
is:</span></p>
</div>
<p class="MsoNormal"><span
style="color:blue;background:white"><br>
60.22 (%)<br>
<br>
Or to put it another way, most of the traffic sent
today is very likely fake.<br>
<br>
<span class="m_-217730492492649813gmail-il">Houston</span>,
we have a problem...</span></p>
<div>
<p class="MsoNormal"><span
style="color:blue;background:white">"</span></p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">Andrea</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<div>
<p class="MsoNormal">--></p>
</div>
</div>
<p class="MsoNormal"> </p>
</div>
<p class="MsoNormal"> </p>
<div>
<div>
<p class="MsoNormal">On Mon, Feb 17, 2025 at 8:45 AM
Kin via Dxspider-support <<a
href="mailto:dxspider-support@tobit.co.uk"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">dxspider-support@tobit.co.uk</a>>
wrote:</p>
</div>
<blockquote
style="border-top:none;border-right:none;border-bottom:none;border-left:1pt solid rgb(204,204,204);padding:0cm 0cm 0cm 6pt;margin-left:4.8pt;margin-right:0cm">
<p class="MsoNormal">Hi,<br>
<br>
From the last attack I have seen the following:<br>
* Link crashes with partners. With greater impact
on those with less hw<br>
resources.<br>
* Delays of up to 5 minutes in sending spots to
users in some of the larger<br>
nodes.<br>
* More affected on Windows than on Linux.<br>
* On my node with 'set/var $DXProt::senderverify
2' the behaviour was as<br>
expected, no forged spots were fake.<br>
grep -i "bad spot" 047.dat | wc -l<br>
287005 <-- EA4URE-2<br>
381899 <-- EA3CV-2<br>
<br>
1739707974^(*) PCPROT: Bad Spot CR3DX on
14089.6 by<br>
N3LPT-3(70.139.124.201)@SM4ONW-14 User N3LPT-3 not
on node SM4ONW-14, DUMPED<br>
1739707974^(*) PCPROT: Bad Spot CR3DX on
7025.0 by<br>
N0LPT-3(70.139.201.124)@SP6MI-2 User N0LPT-3 not
on node SP6MI-2, DUMPED<br>
1739707974^(*) PCPROT: Bad Spot CR3DX on
28431.4 by<br>
N3LPT-3(70.139.124.201)@PA0ESH-3 User N3LPT-3 not
on node PA0ESH-3, DUMPED<br>
1739707974^(*) PCPROT: Bad Spot CR3DX on
21132.3 by<br>
N5LPT-3(70.124.139.201)@GB7NHR User N5LPT-3 not on
node GB7NHR, DUMPED<br>
1739707974^(*) PCPROT: Bad Spot CR3DX on
28438.0 by<br>
N0LPT-3(70.201.139.124)@PI1LAP-1 User N0LPT-3 not
on node PI1LAP-1, DUMPED<br>
<br>
On my other node without enabling this feature,
thousands of them were<br>
received.<br>
* The attack was based on varying the fields:
spotted, comment, spotter,<br>
spotter ip and source node.<br>
* It appears that the spots were not sent from the
source nodes listed in<br>
the spots. I have verified that the ones where my
node appears as the source<br>
node, did not come from my node, so I think that
this must have happened to<br>
most of them.<br>
<br>
My own conclusions<br>
* Dirk's algorithm was successful for nodes that
used $DXProt::senderverify<br>
to remove dupes.<br>
* If the attack had been without 'dupes', it could
not have been stopped.<br>
* The flood of spots that inundated the network
clearly affected nodes with<br>
fewer resources, with a less efficient OS or with
a sw other than spider.<br>
<br>
Kin EA3CV<br>
<br>
<br>
<br>
<br>
_______________________________________________<br>
Dxspider-support mailing list<br>
<a href="mailto:Dxspider-support@tobit.co.uk"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">Dxspider-support@tobit.co.uk</a><br>
<a
href="https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support</a></p>
</blockquote>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre wrap="" class="moz-quote-pre">_______________________________________________
Dxspider-support mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Dxspider-support@tobit.co.uk">Dxspider-support@tobit.co.uk</a>
<a class="moz-txt-link-freetext" href="https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support">https://mailman.tobit.co.uk/mailman/listinfo/dxspider-support</a>
</pre>
</blockquote>
<br>
</body>
</html>