X-Git-Url: https://git.novaco.in/?a=blobdiff_plain;f=src%2Fmain.cpp;h=b3c35043bcd25434852c4f268fe35399ad4b57f9;hb=f52c581475d6e701748f91480301354860c7c8c6;hp=9ff24e482f648e109e4b4cf023f0a21ce72a8dd5;hpb=ad42655e7a1f22e2a75e14ad73776367229ed081;p=novacoin.git

diff --git a/src/main.cpp b/src/main.cpp
index 9ff24e4..b3c3504 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -3619,7 +3619,12 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv)
     }
 
 
-    else if (strCommand == "getaddr")
+    // This asymmetric behavior for inbound and outbound connections was introduced
+    // to prevent a fingerprinting attack: an attacker can send specific fake addresses
+    // to users' AddrMan and later request them by sending getaddr messages. 
+    // Making users (which are behind NAT and can only make outgoing connections) ignore 
+    // getaddr message mitigates the attack.
+    else if ((strCommand == "getaddr") && (pfrom->fInbound))
     {
         // Don't return addresses older than nCutOff timestamp
         int64_t nCutOff = GetTime() - (nNodeLifespan * nOneDay);