RE: DoS attack ?

John C Klensin <klensin@jck.com> Thu, 06 December 2001 18:58 UTC

Date: Thu, 06 Dec 2001 13:54:20 -0500
From: John C Klensin <klensin@jck.com>
Subject: RE: DoS attack ?
In-reply-to: <7FC3066C236FD511BC5900508BAC86FE4364D0@trestles.internal.realnames.com>
To: Nicolas Popp <nico@realnames.com>, YangWoo Ko <newcat@spsoft.co.kr>
Cc: ietf-irnss@lists.elistx.com
Message-id: <128855563.1007646860@P2>

--On Thursday, 06 December, 2001 10:09 -0800 Nicolas Popp
<nico@realnames.com> wrote:

> You can also do what most search engines would.
> You return a (small) range of ranked results in the set of
> results and your last result is a referral back to you for the
> next range in the set... Then you try to detect automated
> crawlers that recursively follow the referrals and slow them
> down to a halt.
> 
> So, just from that standpoint, it could be useful for the
> protocol to support the notion of results set range (query) as
> well as referral (response).

Brief observations:

Yeech.  

Been there and done that.  Does not scale well to VLDBs.
Returning of results based on sorted ranking doesn't either,
unless you retrieve everything (or high-performance record
pointers to everything) on the server, sort things out there,
and then, for efficiency, return part of it and cache everything
else.  If you are trying to conserve bandwidth or improve user
presentation speed, this works (although it still doesn't scale
terribly well).  If you are trying to conserve server resources,
it is usually bad news.

<Incorporate several observations about race conditions and
server-based search state here>

How would you feel about getting back a randomly-chosen subset
of specified maximum size each time, sampled with replacement?
:-)

Let's discuss next week.

    john
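
Added illustration, not part of the original message or of any protocol text from the list: a sketch comparing the two response strategies discussed in this thread, a ranked range with a referral to the next range versus a randomly chosen subset of bounded size sampled with replacement. The function names, the record set and the scoring function are constructed assumptions.

```python
import random

def ranked_page(matches, score, start, size):
    """Ranked range plus referral: every request ranks the full match set
    (or the server must cache the ranking as per-client state)."""
    ranked = sorted(matches, key=score, reverse=True)
    nxt = start + size if start + size < len(ranked) else None  # the referral
    return ranked[start:start + size], nxt

def random_subset(matches, max_size, rng):
    """Stateless alternative: max_size draws with replacement, no ranking."""
    return [matches[rng.randrange(len(matches))] for _ in range(max_size)]

def paged_requests(matches, score, size):
    """Requests a referral-following client needs to see every match."""
    seen, start, requests = set(), 0, 0
    while start is not None:
        page, start = ranked_page(matches, score, start, size)
        seen.update(page)
        requests += 1
    return requests, len(seen)

def sampled_requests(matches, size, rng):
    """Requests needed to see every match when each reply is a random subset."""
    seen, requests = set(), 0
    while len(seen) < len(matches):
        seen.update(random_subset(matches, size, rng))
        requests += 1
    return requests

def expected_sampled_requests(n, size):
    """Coupon-collector estimate: n * H_n draws, at `size` draws per request."""
    return n * sum(1.0 / i for i in range(1, n + 1)) / size

def demo_score(record):
    return (int(record[-4:]) * 7919) % 1000  # constructed, deterministic ranking

if __name__ == "__main__":
    rng = random.Random(2001)                            # fixed seed
    matches = [f"record-{i:04d}" for i in range(1000)]   # constructed data
    print("paged (requests, records seen):", paged_requests(matches, demo_score, 10))
    print("sampled requests, one run:", sampled_requests(matches, 10, rng))
    print("sampled requests, expected:", round(expected_sampled_requests(1000, 10)))
```

With 1000 matches and 10 results per reply, a client following referrals sees everything in 100 requests, each of which costs the server a full ranking or cached state, while the sampled replies need no ranking or cursor and take roughly 750 requests on average to cover the same set.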