PROBLEM 1:
Suppose that I am an attacker. Suppose I want to do a replay attack.
I know that packets sent to xmr port (9505) are encrypted. But I can capture them anyway and resend them to port 9505.
How does xibo manage this situation?
PROBLEM 2:
Suppose I am an attacker again. I want to do a dos attack against 9505 port.
To protect 9505 port, we can use fail2ban. But fail2ban needs a log file to read. Is there a log file for xmr that fail2ban can read to figure out the ip address of the attacker?
XMR packets have a short TTL. You could replay them for a very short time, but after that they’d be rejected as invalid by the Player.
You can’t use Fail2Ban. Port 9505 doesn’t accept traffic, it outputs it. As such there’s no log since the Player is connecting only to open a communications channel.
Thanks for response.
So the 9505 port will not receive any tcp or udp packet. And so there is no reason to protect 9505 port from an hypothetical dos attack. Am I right?