[chord] FW: DGOS to combat DDOS? Idea...
Emil Sit
sit at MIT.EDU
Wed Jul 12 10:30:52 EDT 2006
Hello,
Thanks for your inquiry.
On Mon, 10 July 2006 at 09:33 (-0700), N.Z. Bear wrote:
> The reason for my interest is shown below: recently, individual weblogs and
> their hosts have suffered from DDOS attacks, resulting in their authors
> being cut off from the blogosphere community and unable to post. I am
> therefore currently trying to develop a working group to look at the problem
> and develop some kind of peer-to-peer infrastructure that would allow
> attacked bloggers to continue posting.
This sounds like an interesting problem.
Chord is a protocol that provides a dynamic membership with the ability
to agree on a single member that can serve as a rendezvous point or
master node for a given piece of information (e.g. a blog's "name",
perhaps its URL). The way it does this is by constructing a key space
and assigning each node a portion of that space. To deal with dynamic
membership, there is a maintenance protocol that keeps each node
sufficiently up to date with its various neighbors so that every
node can, given a key, find the right node that currently is responsible
for the portion of space in which the key falls. Chord is one
of a much larger family of protocols that follows this basic model.
> accomplish. In my mind, our goal should be to ensure that when a blogger's
> site is down:
>
> * a) They have a place to post new blog posts
Chord (or consistent hashing really) could be used to identify the
place (or set of places) that host new posts.
> * b) There is an established system so that their readers can find
> those new blog posts
This would require some sort of query system, outside of the Chord ring
itself, I think. Perhaps a distributed infrastructure (hosted with
http://oasis.coralcdn.org?) that you can use with something like
http://distribblogquery.org/blogger.com/username/ to generate HTTP
redirects to an appropriate host for username who is normally hosted
at blogger.
> * c) The new posts are hosted in a distributed manner so that they are
> mirrored on many different sites and are therefore protected from a
> secondary DDOS attack.
Chord successor lists are one way to select where to host them.
As to your overall goal, I am not sure how feasible it would be to
actually run Chord on webhosts; our current implementation runs as a
background process and it also isn't particularly easy to compile.
However, if you have specific ideas/questions, we'd be happy to try and
help you with them.
--
Emil Sit / MIT CSAIL PDOS / http://pdos.csail.mit.edu/chord/
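
The placement scheme described in the message above (a key space divided among nodes, with successor lists selecting the mirrors), as an added sketch that is not part of the original message and is not the MIT Chord implementation. It models an already-stabilised ring inside one process with no network or maintenance protocol; the 32-bit identifier size, the host names and the replica count of 3 are assumptions.

```python
import hashlib
from bisect import bisect_left

M = 32  # identifier bits (assumption chosen for readability)

def chord_id(name: str) -> int:
    """Hash a node address or a blog key onto the 2**M identifier circle."""
    digest = hashlib.sha1(name.encode("utf-8")).digest()
    return int.from_bytes(digest, "big") % (2 ** M)

class Ring:
    """Static view of the ring that every node would converge on."""
    def __init__(self, hosts):
        # Sorted (id, host) pairs: each node owns the arc ending at its own id.
        self.nodes = sorted((chord_id(h), h) for h in hosts)

    def successor_list(self, key: str, r: int):
        """The key's successor followed by the next r-1 nodes clockwise."""
        ids = [i for i, _ in self.nodes]
        start = bisect_left(ids, chord_id(key)) % len(self.nodes)  # wrap past the top
        count = min(r, len(self.nodes))
        return [self.nodes[(start + k) % len(self.nodes)][1] for k in range(count)]

    def without(self, host):
        """Ring after one host has dropped out (for example, knocked offline)."""
        return Ring([h for _, h in self.nodes if h != host])

# Constructed sample data: hypothetical mirror hosts and a blog key.
HOSTS = [f"mirror{i}.example.net" for i in range(8)]
BLOG_KEY = "blogger.com/username"

def demo():
    """Replica set for the blog before and after its primary host disappears."""
    ring = Ring(HOSTS)
    before = ring.successor_list(BLOG_KEY, 3)
    after = ring.without(before[0]).successor_list(BLOG_KEY, 3)
    return before, after

if __name__ == "__main__":
    before, after = demo()
    print("replicas before:", before)
    print("replicas after primary loss:", after)
```

When the primary drops out, the hosts that were second and third in the successor list become first and second, so readers redirected by key still land on a host that already mirrors the posts.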