[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #29607 [Core Tor/Tor]: Denial of service on v2 onion service (was: Need urgent help!)

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #29607 [Core Tor/Tor]: Denial of service on v2 onion service (was: Need urgent help!)
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 04 Mar 2019 04:15:14 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 03 Mar 2019 23:15:23 -0500
In-reply-to: <046.7636cc748a1d4fe5d012fb127fce5b25@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.7636cc748a1d4fe5d012fb127fce5b25@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#29607: Denial of service on v2 onion service
--------------------------+--------------------------
 Reporter:  pidgin        |          Owner:  pidgin
     Type:  defect        |         Status:  accepted
 Priority:  Immediate     |      Milestone:
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+--------------------------

Comment (by teor):

 #29610 and #29637 are duplicates of this ticket.

 #29637 contains the same information from the user, and this response from
 me:


 > The attack probably isn't on the Tor client. It's more likely it's on
 the service, HSDir or Intro Points. It may be on the service's Guard or
 Rendezvous Point, but they're harder to find and target.
 >
 > Have you tried v3 onion services?
 > They are much more resistant to attacks.
 > There is no OnionBalance for v3 yet, but the v3 crypto is more
 efficient, so you might not need it.

 Are you sure that your service is still running ok?
 Your service might be serving a small amount of traffic, and blocked on
 network requests. So its CPU would be low, and most clients would not be
 able to connect.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29607#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #29703 [Core Tor/Tor]: Backport test-network.sh fixes to 0.2.9
Next by Author: Re: [tor-bugs] #28569 [Core Tor/Tor]: Mark outdated dirservers in reasonably live consensuses
Previous by thread: Re: [tor-bugs] #29610 [Core Tor/Tor]: Server being attacked
Next by thread: [tor-bugs] #29645 [Core Tor/Tor]: test.exe hangs on Appveyor CI
Index(es):
- Author
- Thread