On 18 Jul 96 18:49:04 -0800, dfloyd@IO.COM wrote:

The problem I ran into firsthand with archive sites is that they tend to turn into porn or pirated software servers. One could then have the software delete after a download. Anyway, one is always open to a denial of service attack where someone just throws chunks of /dev/random at you.

If someone has any ideas on how to slow down attacks like this, please E-mail me. It would be nice to have an offsite storage place, but without the necessity of giving a bunch of personal info (as with Mcaffee's WebStor).

A) Only accept files with valid PGP signatures from accepted keys - this is one area where PGP's commandline interface is a plus - just write a batch script. Demand that a separate file be sent first, signed by a certain key. This file would contain valid filenames for the rest of the session. If a non-listed file is sent, kill the session. This could all be automated with a simple program. You could probably even use SSLs and similar to do it on a website if you could swill the PGP bit - maybe a plugin? B) bounce trash back. // Chris Adams <adamsc@io-online.com> - Webpages for sale! Se habla JavaScript! // Automatically receive my resume or PGPKEY by sending email with a subject // of 'send PGPKEY' or 'send resume'. Capitalization counts so be careful!