Fredrik Tolf wrote:

I really don't think that was the heart of the matter. The thing was
that with unknown broadcasted commands, you could potentially give a
command that would force compliant clients to send lots of data to an
unrelated IP address, thereby making DDoS attacks easy.
 

I'm not sure I follow.  Certainly, you could (if the hub doesn't enforce proper IPs) send a connection message to clients making them all try to connect to a remote IP.  Or you could similarly fake an IP in the search string (causing a bit of udp traffic to the remote IP).  Both are possible with the current protocol.  If you're suggesting that there's a buffer overflow in one of the yet-to-be-coded clients... sure.  Having the hub screen unknown commands (beyond some common-sense rate and bandwidth limiting) is the wrong approach to protecting users in my opinion.  Such a buggy client should get eliminated (or fixed) through the software equivalent of natural selection - bad clients and hubs deserve to die and be replaced with better ones.

I'd rather not be guessing blindly at what you mean, so please clarify why your opposed to hubs broadcasting (or routing) unknown commands.

- Todd