
Everything posted by LiquidOne

  1. Couple of possible options (some of which may have already been mentioned)

     1) variable length secrets with a minimum length, say 21 to 255
     2) throttling somehow the frequency new secrets could be attempted (brute-force issues)
     3) while using a shared secret, manual approval of new node members by IP
     4) logging for each host which syncs against...timestamp, IP, bytes transfers+direction
     5) dual-secrets: each side has its own secret and negotiates the pairing based upon the dual-secret match, ala PGP-styled
     6) while not perfect, if I live in Australia, I don't want IPs from any other country syncing.
     7) ISP: if I have Comcast and the destination has Comcast we are ok, but if it's any other provider, well, you know what to do.
     8) IP-based: if I know my destination public IP is x.x.x.x/24

     Outside alternatives

     1) host-based firewalls: force the app to run on a specific port all the time and only allow access to the world on that port if the outside world is coming from x.x.x.x/24, or pair it with a dynamic DNS provider of your choice to lock down the outside IPs.
     2) block internet access and run site-to-site VPN tunnels.

     Long term, if made available via API, someone could write a wrapping application/plug-in to do some or all of the above.
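Added example, not part of the post above and not code from any sync product: a minimal Python sketch of how options 1, 2, 4 and 8 could be combined in one admission check in a wrapping application. The class name `PeerGate`, the failure threshold and window, and the documentation range 203.0.113.0/24 are assumptions chosen for illustration.

```python
import hmac
import ipaddress
import time
from collections import defaultdict, deque

MIN_SECRET_LEN, MAX_SECRET_LEN = 21, 255   # bounds from option 1
MAX_FAILURES = 5                           # assumed threshold (option 2)
WINDOW_SECONDS = 300                       # assumed sliding window (option 2)

class PeerGate:
    """Hypothetical admission check run before a peer is allowed to sync."""

    def __init__(self, secret, allowed_cidrs, clock=time.monotonic):
        if not MIN_SECRET_LEN <= len(secret) <= MAX_SECRET_LEN:
            raise ValueError("secret must be 21 to 255 characters")
        self._secret = secret.encode()
        self._nets = [ipaddress.ip_network(c) for c in allowed_cidrs]
        self._clock = clock
        self._failures = defaultdict(deque)   # ip -> times of bad attempts
        self.audit = []                       # option 4: (time, ip, verdict)

    def _throttled(self, ip, now):
        # Forget failures older than the window, then compare to the limit.
        recent = self._failures[ip]
        while recent and now - recent[0] > WINDOW_SECONDS:
            recent.popleft()
        return len(recent) >= MAX_FAILURES

    def admit(self, ip, offered_secret):
        now = self._clock()
        addr = ipaddress.ip_address(ip)
        if not any(addr in net for net in self._nets):        # option 8
            verdict = "deny:source-not-allowed"
        elif self._throttled(ip, now):                        # option 2
            verdict = "deny:throttled"
        elif hmac.compare_digest(offered_secret.encode(), self._secret):
            verdict = "allow"                                 # constant-time match
        else:
            self._failures[ip].append(now)
            verdict = "deny:bad-secret"
        self.audit.append((now, ip, verdict))
        return verdict
```

The source check runs before the secret comparison, so hosts outside the allowed range never get a guess at the secret, and a throttled address is refused even when it finally offers the right one.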