
discuss - Re: [opennic-discuss] DDOS, open resolvers, how to solve?

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

  • From: Quinn Wood <wood.quinn.s AT gmail.com>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] DDOS, open resolvers, how to solve?
  • Date: Thu, 12 Dec 2013 21:00:48 -0600

On Thu, Dec 12, 2013 at 8:43 PM, Guillaume Parent <gparent AT gparent.org> wrote:
> -How do you make it so we can remove and add IPs to the list without knowing
> whose they are?
>
The easiest way is to have two databases, which would be more efficient
anyway. One of which contains user information- including settings,
hashed passwords, and IPs/dynamic update tokens encrypted with the
user's password (ideally, client side encryption would be used) and
the other containing only IPs with no user information. Upon
submission, the web script would make INSERT/UPDATE/DELETE queries to
both databases.

> -How do we prevent a user from deleting someone else's IPs if there's
> nothing tying them to the IPs?
>
Using a second column for "how many user accounts is this IP
registered under" would be sufficient. Adding if/else logic to
increment that counter during INSERT if the IP already exists, or
decrement that counter if non-1 in lieu of doing the actual deletion,
would be trivial.

> -How does this prevent any random hacker from signing up and then
> whitelisting five spoofed IPs that all of the DNS servers are now going to
> accept, willfully participating in the flood?
>
You're asking me to tell you how a system not designed to solve part
of a problem could possibly solve it perfectly. It already solves the
other part of it (the part it's designed to) *very* effectively and
that's good enough. (More importantly, it's better than nothing- and
from what I've seen it's better than what's already being done.) All
in theory, of course.
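
The counter column described in the reply above, as an added example that is not part of the original message or any OpenNIC code. It assumes SQLite for the IP-only database; the table, column and function names are hypothetical, and the addresses used with it are constructed documentation-range values.

```python
import sqlite3

def open_ip_db():
    """IP-only database (assumed schema): no user identifiers, just address + counter."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE whitelist ("
        " ip TEXT PRIMARY KEY,"
        " refcount INTEGER NOT NULL CHECK (refcount > 0))"
    )
    return db

def add_ip(db, ip):
    """Bump the counter if the IP is already registered, otherwise insert it at 1."""
    with db:  # one transaction, so the update/insert pair cannot be half-applied
        cur = db.execute(
            "UPDATE whitelist SET refcount = refcount + 1 WHERE ip = ?", (ip,))
        if cur.rowcount == 0:
            db.execute("INSERT INTO whitelist (ip, refcount) VALUES (?, 1)", (ip,))

def remove_ip(db, ip):
    """Decrement while other accounts still hold the IP; delete only at the last one."""
    with db:
        cur = db.execute(
            "UPDATE whitelist SET refcount = refcount - 1"
            " WHERE ip = ? AND refcount > 1", (ip,))
        if cur.rowcount == 0:
            # Either the last registration or an unknown IP (then this is a no-op).
            db.execute("DELETE FROM whitelist WHERE ip = ? AND refcount = 1", (ip,))

def refcount(db, ip):
    """Number of accounts the IP is registered under (0 if not whitelisted)."""
    row = db.execute("SELECT refcount FROM whitelist WHERE ip = ?", (ip,)).fetchone()
    return row[0] if row else 0

def is_whitelisted(db, ip):
    """What a resolver-side lookup would ask: is this address currently allowed?"""
    return refcount(db, ip) > 0

if __name__ == "__main__":
    db = open_ip_db()
    add_ip(db, "192.0.2.10")     # constructed sample: first account registers it
    add_ip(db, "192.0.2.10")     # second account registers the same address
    remove_ip(db, "192.0.2.10")  # first account leaves; the address stays listed
    print(is_whitelisted(db, "192.0.2.10"), refcount(db, "192.0.2.10"))
```

The table by itself cannot tell whether the caller of `remove_ip` ever registered that address; that check has to come from the user-side record before the IP database is touched.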


