[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Mixed pages - serious bug of tor



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It looks like you have DoSed some of the faster Tor relays out there,
and then Tor stopped working as well for you. Perhaps these were your
entry guards, so you were particularly strongly affected?
 Tor did not stop serving me. He served me with errors. It is big
difference. In first case, it should be absolutely OK.

Of course, relay dont know, if he is serving 500 users or 500
connection of one user, but no matters. If it is problem of capacity
of relay, it should not accept next connection, if it is full.

And you can do a CPU denial of service too, not just a bandwidth denial
of service, as you say.

I think it isnt answer. This looks like exact and repeatable bug.
Ofcourse, im not Tor specialist, so I cannot say 'it is bug in
filefoo.c'.  While I worked as programmer (now Im only architect,
so Im missing contact with sources), I made server systems with
massive parallel access and millions of daily visitors (simply, I was
developer of centrum.cz). With this experience, I never see problem
like this. Every server system should reject next connection, when its
full. Of course, there is some possibility, that server power is not
used for the edge, but it is much more secure.

I dont know exact defence mechanisms in Tor, Im just using Tor API.
But I think it is very dangerous, that there is simple possibility to
break communication with one simple computer on 256kbit upload link.
Try it against any other server application... As I wrote, I think it
should be perfect, if node, which is reaching its limit on CPU/opened
sockets/whatever should reject all other connection. But I was very
surprised, when it served me with pages I never seen. It is security
problem I think.
 I guess we can put some checks for this particular attack in, for example
by rate limiting the number of create attempts from a Tor not listed
in the directory. But I fear that stopping all DoS avenues is a losing
Im listed in directory, because Im running Tor relay.
 
proposition. It's hard enough to build a system that handles many users
well even when they are all playing nice.
I know very well, what you mean, trust me :-).

Marek

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://getfiregpg.org

iD8DBQFIfuHhr7KgZiv8EokRAmEkAKDq5FXPFBUopWQq6ZcKzy4MnYsBDQCdHPDP
tN+mTKWH6KTeMlg0Wy2j55o=
=vihL
-----END PGP SIGNATURE-----