New Topic - Distributed PB Sharing
|
View:
New views
3 Messages
—
Rating Filter:
Alert me
|
 |
New Topic - Distributed PB Sharing
by Daniel L. Miller
::
Rate this Message:
Let's start fresh with a new topic.
Is it possible to have a distributed system, where each client is responsible for compiling their own databases, but use the information offered by other sites - and do so without fear of corruption? My spitball: It SEEMS, relatively inexpensive, to use a somewhat public server (like sourceforge?) for purposes of hosting a very small server - which basically amounts to an access-controlled DNS server. Each ASSP client (on a desired & authorized basis) would be registered with that server. All? ASSP clients would be able to contact that server and retrieve a list of addresses. Based on that list, each of the registered distribution clients would be contacted and asked for their PB info. Then the individual clients would integrate this info into their own databases. This could be done as a proprietary protocol - but I think that's overkill and actually increases potential vulnerability. ASSP is a mail filter - let's use it as such. Why not have a special address, e.g. PB-REQUEST@..., and have ASSP generate such a mail message as a request to each of the designated distribution clients? Then each distribution client would turn around and send a PB-REPLY@... to the requester with the appropriate contents. This means no special ports need to be opened, no change in network config. The recipient validation would be performed internal to ASSP - so it would be completely transparent. So the only security risk would be within ASSP itself - which we all get to scrutinize at our leisure. Comments? -- Daniel ------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08 _______________________________________________ Assp-test mailing list Assp-test@... https://lists.sourceforge.net/lists/listinfo/assp-test |
|
|
Re: New Topic - Distributed PB Sharing
by Micheal Espinola Jr (mobile)
::
Rate this Message:
I don't see why this isn't being implimented as a DNSBL.
On 7/2/08, Daniel L. Miller <dmiller@...> wrote: > Let's start fresh with a new topic. > > Is it possible to have a distributed system, where each client is > responsible for compiling their own databases, but use the information > offered by other sites - and do so without fear of corruption? > > My spitball: > > It SEEMS, relatively inexpensive, to use a somewhat public server (like > sourceforge?) for purposes of hosting a very small server - which > basically amounts to an access-controlled DNS server. > > Each ASSP client (on a desired & authorized basis) would be registered > with that server. All? ASSP clients would be able to contact that > server and retrieve a list of addresses. Based on that list, each of > the registered distribution clients would be contacted and asked for > their PB info. Then the individual clients would integrate this info > into their own databases. > > This could be done as a proprietary protocol - but I think that's > overkill and actually increases potential vulnerability. ASSP is a mail > filter - let's use it as such. Why not have a special address, e.g. > PB-REQUEST@..., and have ASSP generate such a mail message as > a request to each of the designated distribution clients? Then each > distribution client would turn around and send a PB-REPLY@... > to the requester with the appropriate contents. This means no special > ports need to be opened, no change in network config. The recipient > validation would be performed internal to ASSP - so it would be > completely transparent. So the only security risk would be within ASSP > itself - which we all get to scrutinize at our leisure. > > Comments? > -- > Daniel > > ------------------------------------------------------------------------- > Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! > Studies have shown that voting for your favorite open source project, > along with a healthy diet, reduces your potential for chronic lameness > and boredom. Vote Now at http://www.sourceforge.net/community/cca08 > _______________________________________________ > Assp-test mailing list > Assp-test@... > https://lists.sourceforge.net/lists/listinfo/assp-test > -- ME2 ------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08 _______________________________________________ Assp-test mailing list Assp-test@... https://lists.sourceforge.net/lists/listinfo/assp-test |
|
|
Re: New Topic - Distributed PB Sharing
by Marrco
::
Rate this Message:
> I don't see why this isn't being implimented as a DNSBL.
Hope it's really a damn good fitler, coz 300-350 euro per year is quite a lot. Does it gather its data only from paying customers or it uses data that also free users send ? What are the policies, and warranty ? Helpdesk ? Limits ? Terms of use ? What is the company behind the project doing the invoices ? When it's free open source software I know I'm on my own, but for a paying service I want to know the exact terms. Of course, if it's really a very important plus I could pay 500 usd per year, but I'm interesting in finding out the details. What are the measures to prevent spammer flooding attack ? Better that the one ie. spamhaus offers with its free service ? And it looks like an expensive duplicate to griplist to me. Can't understand why it ain't done with dns queries and expecially why in july 2008 we're starting again adding newm untested features to 1.3.9. I know there is only on edeveloper, fritz, so he's free to do what he likes. But why not publish 1.3.9 go on with 1.4 o 1.5 development (I can't find it anymore !) and just leave this new idea for 2.0 ? Just my 2 cents ------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08 _______________________________________________ Assp-test mailing list Assp-test@... https://lists.sourceforge.net/lists/listinfo/assp-test |
| Free Forum Powered by Nabble | Forum Help |