Welcome everybody to the new FrostWire forums.
Make sure to check out our Community Guidelines
Please be a good neighbor, treat others with respect and patience.
Flooding is becoming more common and more sophisticated. We see it less in the public rooms and I'm hearing about more and more /notice attacks, although that cannot be proven. Here are some possible defences...
- Block all open proxies. This is standard practice for many other networks but raises bandwidth usage. A ban on known proxies would be cheaper to run but less effective.
- Reduce the recvq value for clients. This will cause single point flooders to quit sooner, doesn't protect against distributed attacks.
- Make use of set::throttle::period & set::anti-flood::unknown-flood-amount options. Still doesn't protect against distributed attacks.
- Block random nicks. Partially effective against distributed attacks.
- Add +R to set::modes-on-connect. This will prevent /msgs and /notices to anyone from unregistered nicks. Ideal for preventing against distributed attacks and reduces the threat of "grooming" & "phishing" which will please the parents. Will be unpopular with most chatters and doesn't protect against room floods.
- Set +f and +j modes on new rooms (set::modes-on-join). This will protect against simple room floods but existing rooms need to be taught this.
- Require email registration for services. This will discourage multiple accounts from users and allow us to track them better. Registration will be more desirable if we force +R mode. Also helps us contact users when they're offline, I sometimes have need of this and am tired of seeing firstname.lastname@example.org addresses.
Apart from going from room to room and teaching them the anti-flood settings I lack the ability to make the changes which are becoming increasingly necessary. Our new friends RAF (Rebels Against FrostWire) are seeking revenge (historically hard to allay) and are planning attacks from thousands of proxies (I have proof). I doubt their resources seriously threaten more than one or two users at a time but we can't stand by and watch.
Our attackers have gotten use to a level playing field and our defenders have gotten complacent. We need to make changes if only to shake things up.