Surprised I haven't come accross any p2p DoS attack tools.
Should be easy as hell to generate thousands of DHT entries that lead to invalid IPs.
@mauve At least for the bittorrent DHT the most common implementations (utorrent and libtorrent) are pretty careful not to enable large scale amplification attacks. Nodes don't advertise the addresses of other nodes until they've been verified and retries to unverified addresses are severely limited.
@mauve Also adding an address to a torrent entry requires a three-way handshake which prevents address spoofing.
@magila I don't think you need to attack the DHT topology for a DoS though. You can advertise from seemingly legit IPs to regular DHT nodes and either overload them, or add a bunch of these junk entries that refuse to serve the content.
Like, *chan types used to use LoIC a lot for getting random people to just run a tool which would help with DoS. Feels like there should be a similar one for p2p content by now. Maybe #dweb stuff just isn't popular enough still.
@magila I totally forgot about peer exchange! I think a lot of other protocols don't have it and probably should
@mauve Oh sure there are many ways to attack the DHT to DoS a torrent. I think you don't see it because a) people rarely care that much about torrents b) thanks to peer exchange it's actually pretty hard to effectively DoS a torrent via the DHT. All it takes is one legit node sneaking through to enable a client to join the swarm. In theory you could still disrupt a torrent with enough fake nodes, but again, people don't typically care enough to commit that many resources.