Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Update Vuze with libuTP patch to correct bug allowing DRDoS attacks ?
#1
Exclamation 
Hi, I just read an article about an important fix on BitTorrent clients:
http://blog.bittorrent.com/2015/08/27/mi...ecosystem/

It explains that developers made a patch to the libuTP software to stop "possibility of exploiting BitTorrent protocols for Distributed Reflective Denial of Service Attacks (DRDoS)".
https://github.com/bittorrent/libutp/com...6cea885760

As libuTP is an essential component for BT apps, I wonder if Vuze also needs to be updated ?

Thanks, Xavier
Reply
#2
yup, on my list of things to do - thanks
Reply
#3
Thanks for the reply - and the good work on Vuze client !

Some more informations for people interested (I'm not a technician, I can't explain code issues...):

P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks
Amplification Factors of the different BT clients with a BitTorrent handshake with uTP, p. 7 of publication:
http://www.researchgate.net/publication/...oS_Attacks

Even if Vuze seems to have its own implementation and does not use directly libtorrent-rasterbar:
https://github.com/arvidn/libtorrent/com...9cc5e0a2e1
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  Right-click a torrent menu bug LordSky 0 299 04-27-2017, 02:20 AM
Last Post: LordSky
  Torrents will not stop on command bug neinome 0 111 04-23-2017, 12:33 AM
Last Post: neinome



Users browsing this thread: 1 Guest(s)