User Tools

Site Tools


host:security_of_hosts



Security of Hosts

DDoS attacks

A Distributed Denial of Service attack consists on a network of attacking machines that flood the attacked machine with a big amount of superfluous requests aimed to overload it and prevent legitimate requests to be processed. Due to the peer-to-peer nature of the Sia network, the IPs of the hosts are public (in order to make them accessible by the renters), making them a target for DDoS attacks.

From the renter's perspective, a DDoS attack is very unlikely to prevent him from accessing his data, thanks to the redundancy features of Sia. However if a very large number of hosts is attacked successfully, files might not be accessible during the duration of the attack.

From the host's perspective, a DDoS attack can have severe consequences: an uptime of about 97%+ is required for hosts, and if the attack overloads them, successful Proofs of Storage will be prevented to be submitted. As default file contracts are 3 months long, an attack of 3 days provoking full downtime would be enough to make all the file contracts to fail, thus losing the host all his locked collateral.

Security and uptime is a responsibility of the host. There are however some measures a host can take to prevent or alleviate attacks:

Bandwidth

Having a bandwidth wider than the attack ensures that the legit traffic (including PoS requests) will reach the host. Average DDoS attacks are 50 Mbps wide

Networking hardware

Certain networking hardware, like advanced routers and some managed switches, include DDoS protection aimed to filter attacking traffic. They can alleviate the workload of the host machine, preventing it from collapsing, but if the full bandwidth of the connection is used by the attack, the legit traffic still wont be able to reach the host.

VPNs

Announcing the host through a VPN provider can prevent most of the attacks, as usually they have access to more advanced tools to prevent DDoS attacks than the average user.

Collateral Locking

When a renter forms an allowance, while the disk space of the hosts is not locked (not until the actual files are submitted), the host's collateral to back the allowance is immediately locked. A malicious attacker could form huge contracts without uploading files to the hosts. That would result in the exhaustion of the collateral budget of the hosts, yet not getting any profit from the contract as no files are uploaded. By the end of the contract, the malicious renter would receive back his allowance.

While possible, this kind of attack is unlikely, as the renter has still to pay the fees for those contracts even if he does not upload files to them, making him an economic damage.

Legit renters can create a similar problem if they use only a small fraction of their allowances or decide to not use them. Again this situation provokes a faster than expected exhaustion of the collateral budget, that becomes unavailable for further contracts until the current contracts expire.

Hosts can prevent these situations by provisioning a collateral budget much higher than the simple calculation derived from the total offered disk space.

host/security_of_hosts.txt · Last modified: 2017/07/27 04:50 by aerrejon