[aprssig] APRS-XO proposal
AE5PL Lists HamLists at ametx.comThu Jan 10 18:59:54 UTC 2008
- Previous message: [aprssig] RE: Position Ambituity in APRS!
- Next message: [aprssig] APRS-XO proposal
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
It is very easy to write a flood of position packets that vary by just enough to bypass the duplicate checking. Without some level of verification, we would have zero protection against this type of DoS attack. All it takes is one attack and the owners of the various APRS-IS servers (database and APRS servers) would quickly reconsider their participation in this gratis network. To look at it and say "no one would ever do this" is to put your head in the sand like an ostrich and expect nobody can see you. The verification we use is a low level security at best but, as pointed out, has at least dissuaded most excessive abuse. Yes, there has been abuse but the server sysops have been able to respond because of the verification requirements. The reason for not doing UDP verification is because there is little gained and much lost. Yes, there are a couple of IP packets that are not sent back to the sender. But there is also no verification of receipt of the packet at the sender end, there is no verification that a server is even there, and many firewalls block UDP. Bottom line: UDP is not supported for packet insertion into APRS-IS. Abuses have occurred. This is a network supported by hams for hams. If there is such a desire to create this mystical UDP network for all the world to enjoy, please focus on NOT using APRS-IS out of respect to your fellow hams that support APRS-IS. 73, Pete Loveall AE5PL, CISSP pete at ae5pl dot net
- Previous message: [aprssig] RE: Position Ambituity in APRS!
- Next message: [aprssig] APRS-XO proposal
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the aprssig mailing list