# Gavin Andresen
# 2011-03-10 06:56:51
# https://bitcointalk.org/index.php?topic=4335.msg63425#msg63425

@s{quotedtext}
@s{quotedtext}
 @p{brk}
Well, imagine an attacker did manage to surround your node. @p{brk}
What can they do? @p{par}

a) Dropping outgoing transactions@p{--} a send-coins denial-of-service. @p{brk}
b) Dropping incoming transactions@p{--} a 0-confirmation-receive-coins denial-of-service @p{par}

Can these be exploited somehow to the attacker's advantage?  Maybe if attacker and attackee were competing on a bidding site or the site being attacked was a bidding site and the attacker wanted to squash competing bids.  Rounding up thousands of IPs to try to get a better deal on biddingpond hardly seems worth it.  And an old-fashioned DDoS attack can probably take out any one particular node anyway, with or without bitcoin involved. @p{par}

c) Dropping new block announcements (that would be a 1+-confirmation-receive-coins DoS) @p{brk}
d) ... and maybe feeding the attacked node attacker-generated blocks @p{par}

(d) is more serious, because the attacker could generate bogus N-confirmation transactions.  But it should be detectable; assuming the attacker doesn't have as much hashing power as the rest of the network, blocks will be generated much more slowly (either much more slowly after the last compiled-in block checkpoint if you're downloading the block chain, or much more slowly since the last time your node connected to the network). @p{brk}