craving cryptography commentary

Andrew Gaylard andrew.gaylard at aircom.co.za
Wed Aug 10 07:59:37 UTC 2005


Chris Muller wrote:

>Now that Magma has power-outage security, I'm designing security to protect
>against hacking and would like to get feedback on the following approach.
>
>Basically, I want to punish senders of invalid or forged transmissions by
>blocking their IP for a period of time.
>
[ snip ]

>On the server-side, an incorrect next-random results in punishment of that IP
>(blockage for a period of time).  On the client-side, an incorrect next-random
>results in immediate disconnection from the server with a Warning signaled.
>  
>
Chris,

Be careful with this strategy.  Attackers might deliberately provoke the
blocking behaviour with carefully crafted (mis)information to trigger a
denial-of-service attack against your own perfectly valid IP addresses.

I'm not saying you shouldn't do this, I'm just saying that it needs to be
rigorously thought through first.

Andrew.
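
An added example, not part of the original message or of Magma's code: one way to keep time-limited IP blocking from being turned against valid clients, as the reply above cautions. The class name, parameters, thresholds and the `source_verified` flag are assumptions made for illustration.

```python
import time

class PenaltyBox:
    """Time-limited IP blocking that is hard to turn against valid peers."""

    def __init__(self, threshold=5, window=60.0, block_for=300.0,
                 allowlist=(), clock=time.monotonic):
        self.threshold = threshold       # failures needed before blocking
        self.window = window             # seconds over which failures count
        self.block_for = block_for       # bounded block duration in seconds
        self.allowlist = set(allowlist)  # peers that must never be locked out
        self.clock = clock
        self.failures = {}               # ip -> timestamps of recent failures
        self.blocked_until = {}          # ip -> time at which the block ends

    def is_blocked(self, ip):
        expiry = self.blocked_until.get(ip)
        if expiry is None:
            return False
        if self.clock() >= expiry:
            del self.blocked_until[ip]   # blocks lapse without operator action
            return False
        return True

    def record_invalid(self, ip, source_verified):
        """Register an invalid transmission; return True if ip is now blocked."""
        # Assumption: the caller knows whether the source address was verified
        # (for example, the data arrived on an established connection). An
        # unverified message naming a valid client must not count against it.
        if not source_verified or ip in self.allowlist:
            return False
        now = self.clock()
        recent = [t for t in self.failures.get(ip, []) if now - t < self.window]
        recent.append(now)
        self.failures[ip] = recent
        if len(recent) >= self.threshold:
            self.blocked_until[ip] = now + self.block_for
            self.failures.pop(ip, None)
            return True
        return False
```
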