dr|z3d
This may be way off the mark, but if we're seeing excessive requests, be it DB stores, transit tunnels, lookups, or whatever else fits the general profile of abuse, is it worth thinking about a router-router or router-ff strategy that communicates the id of the potentially abuses router?
dr|z3d
*abusive
dr|z3d
Initially it might just be a flag that's assigned that doesn't do anything other than indicate potential abuse, with some strategy to reach a consensus.
zzz
well, anything like that has to incorporate a trust model and an analysis of why it doesn't introduce even more attack vectors
dr|z3d
sure, does it help or will it just give an attacker another possible angle.
dr|z3d
put a different way, can we reliably determine when behavior is abusive and pin that with confidence on a specific router?
dr|z3d
I think we already have a few scenarios where we can be pretty confident. Maybe not many..
dr|z3d
A router that's cycling its ip every couple of minutes or more falls into that category, no?
dr|z3d
A router that's requesting a ton of tunnels and using no meaningful bandwidth in any of them, maybe another?
dr|z3d
A floodfill that appears to be rejecting all lookups, or providing bogus replies.
zzz
p2p trust models are super hard and sketchy, we've never done it and I for one have no competence there
dr|z3d
yeah, I hear you. it's not something you can do in a day.
dr|z3d
Maybe the first step is to identify bad behavior and when it's obvious, be more aggressive in banning the offending router.
dr|z3d
for example, track ip cycling over a 10m period, if it reaches some threshold, ban router.
orignal
does stats.i2p support deletetion now?
orignal
*deletion
dr|z3d
why do you ask? is there something on stats.i2p that suggests it does?
orignal
<monkey> есть еще один вопрос, а как потом удалить из reg.i2p ? Например i2pj генерит для удаления. А в ваших тулзах я не нашел
dr|z3d
> give it to me in english.
dr|z3d
please. :)
orignal
he is asking how to delete an address from reg
orignal
and says that Java supports it
dr|z3d
Java may support it, stats.i2p doesn't.
RN
I really don't agree with deleting them... if JRandom ever came back, bringing up his eepsite would be one of the ways he would establish his identity
RN
or if I left for a while and came back as I have done in the past
RN
I mean there is still the b64/32 where he/I would have the signing key
RN
but it wasn't intended for them to expire
dr|z3d
expiry should probably be proportional to the amount of time the site's been up and serving content. but it's not really a big deal. otoh, if the person who registered a site wants to delete it, that should be allowed. or if they want to assign a new b32, assuming they have the original key.
hk
jrandom originally started with i2p.net right?
dr|z3d
in other news, I2PSnark's new inline text viewer is mostly done, gremlins banished. It currently only supports line numbering for css files.. if anyone has a requirement/suggestion for other text mimetypes that would benefit from line numbering, let me know. I'm thinking probably javascript is the next candidate.
hk
dr|z3d: your thoughts on typescript vs javascript?
hk
im not a web guy so I dont have much to say on it but im curious what you think
dr|z3d
dunno, haven't really looked at typescript.
hk
'hm hm
hk
hm hm*
dr|z3d
my general attitude is that it needs to run in the browser natively without libs.
hk
right
dr|z3d
so anything that requires libs, like jquery et al, no. waste of space.
hk
gotcha , portability is king
cumlord
Oh that’s nice, does it still do inline for .txt/nfo?
dr|z3d
there's nothing you can't achieve with vanilla javascript that jquery offers. except adding a nice fat 100K plus library to your code.
dr|z3d
still?
dr|z3d
still since when, cumlord? :)
dr|z3d
it's only a couple of days old..
dr|z3d
and yes, it does inline for text/nfo/srt/css right now.
cumlord
Minus still* 😂
dr|z3d
I might add some "native" rendering for .nfo files, assuming those fancy ascii graphics are still a thing.
dr|z3d
new /dev/ build in ~5m.
dr|z3d
if you're seeding the I2P+ update, you've got txt and css files you can use to test with.
dr|z3d
it's a bit on the chunky side, the textView.css ... 5.1KB.
dr|z3d
*.js
dr|z3d
kidding.. I think 5K is reasonable given what it does.
dr|z3d
hk: same for variants of css. not a fan.
dr|z3d
I don't want to have to compile my css files to use them :)
hk
nice, agreed
cumlord
dr|z3d ha that’d be nice, they’re still around a bit
dr|z3d
not difficult, only really requires a custom font.
cumlord
It’s probably overdue for an update I’ll have to try it out
dr|z3d
what (sub-)version of + are you running?
cumlord
hm looks like -10 to -12
dr|z3d
ok, not too shabby. -13+ is current.
dr|z3d
don't forget to take the new shiny lightbox for a spin, cumlord!
dr|z3d
you can dump a folder of images in an existing torrrent data folder if you want to test and you don't have image torrents handy.
cumlord
awesome, slideshow feature even works with gifs
cumlord
6837b4317f96d433323c83bdd0724c62a91307f3 has some things in a test folder
cumlord
noticed .json brings up a page with black bg/text though
cumlord
or maybe it always did that
dr|z3d
Blinded message
dr|z3d
maybe I can add support for those, probably not being deteced as a text/ mimetype
dr|z3d
if it was, it would at the very least open in a new tab.
dr|z3d
yeah, because application/json
cumlord
yeah, that makes sense .txt and .css give a paperclip next to it
dr|z3d
not so hot with xml, either. still, next build will fixup both.
dr|z3d
of course, more work to do to actually display XML, but hey.
dr|z3d
yeah, but no to XML. too much hassle for not enough benefit. let's just make sure it opens in a new tab.
zzz
reminder prop. 168 review today
orignal
zzz does stats support deletion or not?
orignal
I mean by request
zzz
no
zzz
except if it was just registered and not public yet, he can email me
orignal
but that guy says it's possible to generate such request in Java-I2P
zzz
stats.i2p does not support everything listed in the spec, or everything in the java code
orignal
thnaks
zzz
says it right at the top
zzz
Registration authentication is required.
zzz
Status: Service is UP.
zzz
Supported actions: Add, Add Alias, Add Subdomain, Add Alternate Destination
zzz
Unupported actions: Remove, Change Name, Change Destination
orignal
I though you might have implemnetd it
orignal
ofc he blamed i2pd/reg that we are "fucking idiots" )))
zzz
maybe you are, but not good to do that when asking for help ))
orignal
ofc I am, that why I wanted to clarify with you if we missed something
zzz
:)
orignal
new attacktoday?
zzz
yeah the chinese started back up about midnight eastern
orignal
why do you think it's China?
zzz
because we've seen the same thing recently, and I can track tunnel prev/next hops by country
orignal
got it
orignal
what I don't understand what they are trying to ahcive
orignal
because efficency is zero
zzz
CountryTunnelsUsage
zzz
United States 217 4.17 MiB
zzz
China 137 3.58 MiB
zzz
Germany 116 984 KiB
zzz
Russian Federation 90 1.51 MiB
zzz
Netherlands 53 592 KiB
zzz
Canada 40 797 KiB
orignal
and what does it say?
orignal
Russia is not on top because people use VPN
zzz
china is #4 in routers but #2 in tunnels
orignal
got it
zzz
and every non-hidden router in china is i2pd 0.9.58 X, it's 100% botnet
orignal
ofc
orignal
it's too old
orignal
but what is thier goal?
zzz
hackers, students, scammers, state attack... who knows, it all looks the same
orignal
what's to goal of this attack?
zzz
no idea
orignal
I have noticed another thing
orignal
seems they always use NTCP2
zzz
not true for the chinese routers, I have plenty of SSU2 connections
zzz
maybe you're thinking of a different group
orignal
I see too much NTCP2 traffic
orignal
2 times more than SSU2
orignal
usually I see more SSU2 than NTCP23
zzz
2x by number of connections or by bandwidth?
orignal
bandwdth
orignal
Transit: 209.13 GiB (10700.73 KiB/s)
orignal
2RRY
orignal
attackers still like me ))
orignal
"опять транзита 23 мегабайта"
orignal
another guy
dr|z3d
definitely looks like there's some bandwidth related "stuff" happening.
hk
dr|z3d: seeing it on my end as well
dr|z3d
the rodeo continues!
hk
round 2 I guess
hk
lol
orignal
like what?
orignal
and yes I was right
orignal
no impact to SSU2-only and ygg-only routers
orignal
only NTCP2 routers are involved
hk
hpdbe6o6qqqqvgygbcznssat46kybsm7rcauofqaoly4ajdi2jeq.b32.i2p/file/XGXmfTypp6_8VW2wtE6r6z1f8Ihy2Wi0fDVPPtb6P_g4xG91RMBE/bw.combined.svg
hk
hmm
orignal
looks like they pick routers with NTCP2 only
hk
hm
hk
interesting
cumlord
looks about right hk
hk
cumlord: im definitely getting affected but does cake.i2p seem slow to you at the moment?
cumlord
yeah was noticing some wonky business but doesn't look like any routers died this time
not_bob
I'm feeling it over here.
cumlord
not really to me
hk
not_bob: brutal :/
not_bob
It will pass.
cumlord
graph is awesome, i2pd be limping ;(
hk
not_bob: yep last time it lasted for days
hk
weeks? i cant remember
not_bob
Yep, and most of mt stuff is i2pd.
cumlord
you do most of your site scanning stuff with i2pd right?
not_bob
My local machine is at 15%
not_bob
No, that is I2P+
not_bob
More features.
not_bob
I2P+ perorms better. But, not so good for low power systems.
cumlord
irc server (i2pd) was in desperation mode with 1 up tunnel earlier, really tryin its best
cumlord
ah that makes sense
not_bob
Yeah, it can suck at times. But, one tunnel is fine...for a short time.
not_bob
Till it expires.
orignal
whick irc server? ilita?
cumlord
im seeing 17% now, and simp irc
orignal
ilita has 5 tunnels in both directions
orignal
Tunnel creation success rate: 17%
orignal
Transit: 1990.94 GiB (9172.04 KiB/s)
orignal
almost 100% cpu usage
cumlord
jeeze similar there with the transit
not_bob
Mine is a bit better now. Not that it feels like it.
cumlord
that ones little angry
eyedeekay
dr|zed do you want to come to #ls2?
dr|z3d
all present and correct, eyedeekay :)
eyedeekay
Thanks