Consider refusing to store nodes/peers with local IP addresses #91
Comments
|
I think this would be a good idea |
|
One reason that it might not be a good idea to do this is users might be using this module to create a DHT on their local network. If we just filter all these IPs out, we break their setup. Maybe we can filter them by default, and have an option |
|
That'd make sense.
…On Fri, Jan 13, 2017 at 4:18 PM, Feross Aboukhadijeh < ***@***.***> wrote:
One reason that it might not be a good idea to do this is users might be
using this module to create a DHT on their local network. If we just filter
all these IPs out, we break their setup.
Maybe we can filter them by default, and have an option allowLocalIPs for
this use case?
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#91 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABNhU88dvxTe2l3mff6yoRX9RFUCIwedks5rR_g9gaJpZM4G-_H3>
.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If the DHT returns nodes or peers with local IP addresses, should we store them? That means that a remote attacker can make the DHT or bittorrent peer connect to local services. Is this unsafe?
Local IP ranges:
192.168.0.0 - 192.168.255.255 (65,536 IP addresses)
172.16.0.0 - 172.31.255.255 (1,048,576 IP addresses)
10.0.0.0 - 10.255.255.255 (16,777,216 IP addresses)
Localhost:
127.0.0.1
The text was updated successfully, but these errors were encountered: