MESSORDocumentation
Messor Network Protocol

Messor members

Communication protocol description


Communication within Messor network occurs while using HTTP/HTTPS protocol by the POST method.
The protocol can be easily adapted to other transport protocols, for example tcp / ip.
Data are transmitted to in own format. The data transfferred are encrypted (several algorithms are supported) ,encryption key is installed during installation.
The client and server only are aware of the key. The password is just a precaution against brutforce and other attacks on the server.
The request consists of two parts.
The exceptions are registration and password recovery requests - they may not contain an identifier (network_id) and password (network_password).
Besides intra-network requests between peers are made without a password. (network_password).

Peer


This is a network member - any site / server, which has got Messor-client installed
Peer tasks:
  • Collect attack data.
  • Send collected data to Messor network servers.
  • Receive and distribute the current blocked IP addresses database

Premium peer


These are premium network members, who pay for subscriptions..
Peer tasks:
  • Block attacks
  • Collect attack data.
  • Send collected data to Messor network servers.
Differences from regular peers:
  • Download the database directly from the Messor server
  • Get additional services in accordance with the tariff plan.
The servers content was taken into account to maintain the network when designing the messor network.
Messor network provides monetization, while being one of the network development and support organs !

Server


Each network member, having got Messor-server installed, whose address is entered in server list
Is responsible for:
  • Network routing
  • New peer registration
  • Verifies and stores peer data
  • Gets peer data
  • Synchronizes the database with other servers
  • Collects network operation statistics
  • Generates a database

Messor algorithm

Trust response is correct answers determining system


Within synchronization, peer requests all servers from the list server list and compares the server responses sum hash .
Then it compares the identical answers number and always considers those answers, being more common than others to be true.
Thus, if one or several servers in the network fail or issue fake data (attack on the network), this will not affect the network in any way,
since no one will trust their responses.

Peer trust is peer data trust system


Data obtained from peer is used when generating a database.
The higher the trust of this peer, the more confidence to the data received.
Trust is determined by the verifications number (verification types table) multiplied by peer runtime.
The goal is to prevent fake peers from clogging servers with fake data.
Note! When designing networks Messor-based networks, keep in mind that while the network is small and you have few peers, you must monitor their trust level and fill the network with peers being controlled.
Messor.Network Constantly adds its peers with advanced traps for scanning, hereby ensuring stable network operation.

Server List - network server data distribution and storage system


The servers list is stored in plain text for each peer and server.
When updating the servers list, file's hash sum sha256 is used as the version.
The servers list is updated while using a server request. peer_get_server_list.
In the event of all servers fall in the network, each peer stores the last known 100 - 300 addresses of other peers in the network. To restore the server list, you may use the query peer_get_server_list in order to get the server list from other peers.
Once the first peer installs a working server list, it will start to spread across the network.
Besides you may get actual server lists manually, for example, on official network websites.
Format: Recording format in a string through \t
0 - full server's url
1 - Server's country GEO code or server comment in one string
Server list example:
https://main.messor.network/messor/	MAIN
https://de.messor.network/messor/	DE
https://ru.messor.network/messor/	RU
https://nl.messor.network/messor/	NL
https://us.messor.network/messor/	US
https://th.messor.network/messor/	TH
https://cn.messor.network/messor/	CN
https://backup1.messor.network/messor/	BACKUP_SERVER1
https://backup2.messor.network/messor/	BACKUP_SERVER2
Note! When designing Messor-based networks, keep in mind that while the network is not large and you have few servers, if they all fall at once and one of the malicious peers replaces the serer list with its own, it will get full control over the network.
Messor.Network I took care of the network protection. The servers will be installed in all available countries as the network grows, servers are monitored 24/7 by the support service.
The network servers failure at once Messor.Network is almost impossible!

Database


The database version consists of two parts, separated by a symbol _
The first part is a digital designation of the base creation date, consisting of day + month + year,
then the database file checksum in sha256.
It turns out that the name contains both the version and checksum of this file.

Format name: [date]_[sha256_check_sum]
Example file name: 200420_c38e529ab7e40133a757c8714d3d6601d33c7ce299ebffec5bf7a4ba586e1b75
Database content:
Line 0 Database version, publication date, comments;
Line 1 Regular expression to block by UserAgent (base64);
Line 2 Rules for .htaccess to detect scans (base64);
Line 3 Regular expressions to parse GET POST data and block attacks (base64);
Line 4 Further blocked ip addresses in a string.

Messor communication Peer -> Server

Protocol description Peer -> Server


peer_status

The server request contains the current melon database version, client version and server list version data
The server returns the current software, database and server list data in response

Data description:
client_version- Installed client version
database_version- Current database version
server_list_version- sha256 checksum server list
Data pack: encrypt
Request:
DataRaw
Response:
DataRaw

peer_echo

Echo request may contain an arbitrary data array or data string.
The server returns the data transferred to it in response.

Intended for testing and works on the servers only in debug_mode
Data description:
message- Message
Data pack: encrypt
Request:
DataRaw
Response:
DataRaw

peer_verify

Code verification request
For example, Peer sends a request for a verification code by email.
The server sends a confirmation code to the specified email address
Peer submits the confirmation code request to the server.
Server verifies the specified email.
Verification request sending example via telephone

Intended for testing and works on the servers only in debug_mode
Verify types table
typevalue<exampledescription
emailemailadmin@example.comCode verification request by email
email_confirmnumber123456Email confirmation code
smsphone number+79037678790Verification code request to the phone via sms message
sms_confirmnumber123456Verification code sending from sms message
phonephone number+79037678790Phone call request - you will be provided with the code
phone_confirmnumber123456Confirmation code sending received by phone
dnshost nameexample.comGet verification manual via dns
dns_confirmVerification request sending via dns
mailaddress134 is the international format mailing address exampleEmail request sending with the code to e-mail
mail_confirmnumber123456Send email request with the code to e-mail
docsCountryRussiaGet instructions for verification through a real meeting and submitting documents.
docs_confirmSending verification request through the documents
Data description:
type- verification type <a href='#peer_verify_table'>see verification types table</a>.
value- transmitted value
Data pack: encrypt
Request:
DataRaw
Response:
DataRaw

peer_info

Request complete up-to-date peer data stored on the server.
The server returns data array with peer data in response.

Data pack: encrypt
Request:
DataRaw
Response:
DataRaw

peer_upgrade

Peer requests the current Messor library files text for updating.
The server returns the data array with the files texts and their names.

Data pack: encrypt
Request:
DataRaw
Response:
DataRaw

peer_get_server_list

Peer requests the current server list.
The server returns the current server list text and its version in response (hash sum sha256 from the server list text)

Data pack: encrypt
Request:
DataRaw
Response:
DataRaw

peer_get_peer_list

Peer requests the server to provide other peers list on the network, having the requested database version.
Peer indicates the required database version in the request.
The server responds by the data array with the required peers list in response.
Typically, the current request is used to update your database to the current version.

Data description:
database_version- Current database version
Data pack: encrypt
Request:
DataRaw
Response:
DataRaw

peer_download_database

Peer requests the specified database text,The server or peer returns the database text in response.Direct database download from the server is available only premium peer
Usually the current request is used to get the database from other peers, see (data transfer description between peer).

Data description:
database_version- Current database version
Data pack: encrypt
Request:
DataRaw
Response:
DataRaw

invalid_action

Invalid request example from peer to server The server provides error messages in response to invalid requests.

Data pack: encrypt
Request:
DataRaw
Response:
DataRaw

Messor comunication Peer -> Peer

Peer -> Peer communication protocol description


peer_ping

Peer operation verification request
Peer sends a ping request to another peer and receives a short email in response(Hi).

Data pack: plaint
Request:
DataRaw
Response:
DataRaw

peer_get_server_list

Peer requests the current server list from another peer.
Peer returns the current server list text and its version in response (hash sum sha256 from the server list text)
Backup network recovery request in case of all network servers failure.

Note! Backup recovery algorithm with peer should be disabled and enabled at the user's request only by default.
Lern more here peer_get_server_list
Data pack: plaint
Request:
DataRaw
Response:
DataRaw

peer_get_peer_list

peer_get_peer_list

Data pack: plaint
Request:
DataRaw
Response:
DataRaw

peer_peer_download_database

Database text request.

Data description:
database_version- Current database version
Data pack: plaint
Request:
DataRaw
Response:
DataRaw