#24298: Better handling of DoS attacks on onion services
------------------------------+--------------------------------------
Reporter: asn | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.3.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords: tor-hs, prop224, tor-dos
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+--------------------------------------
We have received various reports on attackers being able to DoS onion
services in various ways. Examples:
a) Layer-7 attacks where the attacker spams HTTP requests:
https://www.hackerfactor.com/blog/index.php?/archives/777-Stopping-Tor-
Attacks.html
b) DoS through the Tor protocol (intense circuit construction #16052m
#15515).
We should come up with designs and plans on how to mitigate those DoS
attacks better in the future.
Due to the anonymous unlinkable nature of Tor onion service clients, these
designs should be modular enough so that onion service operators can write
their own anti-DoS modules to handle specific cases of attacks.
This is a parent ticket to handle the various subtasks.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24298>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs