[ic] DDoS (Distributed Denial of Service) attack causing interchange to fail
davideth at whojamadoogle.com
davideth at whojamadoogle.com
Mon Aug 4 22:00:28 UTC 2025
Firewall has been optimized including 3 way verification of IP ( which
eliminates a lot ) but the attacker has a way around that. They are
using 1 time IP spoofing with a massive number of different IPs ( 25000
in a day ). and trying to access random pages in my cart.
What is needed is when the request appears, the cart needs to reply with
a verification page with a checkbox that must be checked and returned
before any further processing is done. I know that this is just scratch
but if this can be done, it will help a lot of users and make
interchange more robust.
if {!mv_verified(session_ID)
send ack_form(session_ID);
while {!acked(session_ID)
if timer(session_ID) exit(session_timeout);
}
#ack_rcvd:
Set mv_verified(session_ID);
}
This would save a lot of processing time and free interchange for
legitimate accesses.
ack_form
More information about the interchange-users
mailing list