Sweetbread/Alfis
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
724 Commits 3 Branches 0 Tags
cfb3cf6cf80aa4c82d5a14ec984cfd8d65f72a07
Commit Graph

38 Commits

Author SHA1 Message Date
Revertron 2e1f05cadb Implemented memory limit for DNS cache. 2026-01-05 16:50:20 +01:00
Revertron 5de0341ab4 Enhanced DNS security with ephemeral ports and DNS 0x20 encoding 
Significantly improve DNS client security against cache poisoning attacks through multiple defense layers:

Security Improvements:
- Bind UDP sockets to OS-assigned ephemeral ports (0.0.0.0:0) instead of predictable random ports, eliminating port-based attack vectors
- Implement DNS 0x20 encoding with strict case validation, adding 10-15 bits of entropy per query by randomizing domain name case
- Randomize transaction ID starting point using AtomicU16 for better entropy distribution

Attack difficulty increased from ~16 bits (65K attempts) to ~42-47 bits
(4.4-140 trillion attempts), making spoofing 1,000x to 32,000x harder.

Configuration:
- Add 'enable_0x20' option to DNS settings (default: true)
- Users can disable for compatibility with legacy resolvers if needed
- Feature is configurable via alfis.toml
 2025-10-27 14:39:47 +01:00
Revertron a92799fb2d Updated crypto dependencies. 2024-01-11 01:32:18 +01:00
Revertron a27b6cc75c Fixed block precedence calculation. 2022-07-10 23:07:59 +02:00
Revertron 63d3593e10 Fixed default AdGuard DNS IP. 2022-01-03 22:08:59 +01:00
Dimitris Apostolou 08f49d52da Fix typo 2022-01-02 12:05:54 +02:00
Revertron 903a3b1550 Fixed OPT record forwarding. 2021-09-09 18:18:03 +02:00
Revertron 08328c95fe Added DNS-over-HTTPS support for forwarded queries. 2021-09-08 17:53:38 +02:00
Revertron 66b03c0dff Verson increment. Disabled start of DNS server if threads set to zero. 2021-07-17 13:16:00 +02:00
Revertron 31ba599662 Implemented support for multiple keys. 2021-05-14 14:14:45 +02:00
Revertron aa6ae581d6 Pushing new origin hash. 2021-05-13 13:18:27 +02:00
Revertron ec635b19f2 Config update to support new chain. 2021-05-05 10:41:32 +02:00
Revertron fcb920e0de Refactored Chain a lot to make it possible to test. 
Added a CPU hard test for Chain, checking all current DB.
Added an option to config file to set a count of checked top blocks on start.
 2021-04-26 21:49:01 +02:00
Revertron c0e49bbab5 Optimized p2p connections a bit. 2021-04-24 19:02:24 +02:00
Revertron 6ed4fb4830 Made p2p connections somewhat more reliable. 2021-04-20 23:36:48 +02:00
Revertron 27352ba0d8 Increased DNS client timeout from 3 second to 10. Changed 1 bootstrap address. 2021-04-13 23:16:09 +02:00
Revertron 2b58d063dd Increased DNS client timeout from 1 second to 3. Added YGGv6 address to bootstrap peers. Incremented version. 2021-04-13 19:17:05 +02:00
R4SAS 551af8e6a0 fix typo in alfis.toml 2021-04-10 15:39:11 +03:00
Revertron 3900790f03 Returned low thread priorty as it seems after thorough tests that there is an impact afterall. But this functionality is now controlled by option 'mining.lower'. 2021-04-10 14:03:52 +02:00
Revertron 6ae6852670 Small update to config file. 2021-04-03 14:27:43 +02:00
Revertron 4721ff8f88 Config fix. 2021-04-03 11:29:57 +02:00
Revertron 8168ab37b3 (Hopefully) fixed network stucks. 2021-04-03 11:28:55 +02:00
Revertron 882d826c26 Implemented hosts-file support. You can resolve local names or block ads on DNS level! 2021-04-01 20:59:52 +02:00
Revertron 89cb23306a Fix typo. 2021-03-31 16:57:46 +02:00
Revertron e806cf5612 Added config option to ignore all nodes except from Yggdrasil. 2021-03-31 16:50:22 +02:00
Revertron 4e0b0b3d1c Added mining threads count option. 2021-03-29 11:10:48 +02:00
Revertron 98b00eb8e2 Changed version number. 2021-03-23 18:56:29 +01:00
Revertron f5949e6ec0 Reworked handling appropriate (mined) keys absence. Now that info handled in UI as well. It won't allow users without keys to mine domains or zones. 2021-03-23 18:55:11 +01:00
Revertron 4ddacd2f57 Tuned up difficulty constant for comfortable use with new algo. 
Mined new origin block to start over test network.
 2021-03-22 22:57:54 +01:00
Revertron c5204aaed1 Refactored a lot of cryptography. Moved from "rust-crypto" to https://github.com/RustCrypto 2021-03-22 19:20:51 +01:00
Revertron a4e9d92680 Fixed getting zone difficulty. 2021-03-17 20:05:05 +01:00
Revertron 1d9833db0f Implemented right way to constrain zone difficulty. 2021-03-17 14:55:05 +01:00
Revertron 85c2a7e668 Removed old origin from config. 2021-03-16 22:16:14 +01:00
Revertron c7e845af05 Made it possible to run ALFIS without settings file. It will be created if not found. 2021-03-16 14:00:14 +01:00
Revertron 9718fa8a81 Tuned some constants adn options. 2021-03-07 17:47:33 +01:00
Revertron 1cd1fed178 Added full IPv6 support for DNS-resolver upstreams. 2021-03-06 23:53:30 +01:00
Revertron ce212ab749 Changed format of DNS-listen options. Added DNS-thread count options to config. 2021-03-06 22:54:17 +01:00
Revertron ac915a1e92 Changed settings format file from JSON to Toml. 2021-03-06 22:40:19 +01:00