Surprised I haven't come accross any p2p DoS attack tools.
Should be easy as hell to generate thousands of DHT entries that lead to invalid IPs.
@mauve At least for the bittorrent DHT the most common implementations (utorrent and libtorrent) are pretty careful not to enable large scale amplification attacks. Nodes don't advertise the addresses of other nodes until they've been verified and retries to unverified addresses are severely limited.
@mauve Also adding an address to a torrent entry requires a three-way handshake which prevents address spoofing.
@magila Really? Mind linking to the spec for that. I was under the impression that mainline still doesn't have a clear mechanism for sybil resistance.
Some things like #hyperswarm take it pretty seriously though and only allow peers with stable IPs to participate since they use it to generate their ID for Kademlia.
