[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] attacks on Tor hidden services



On Sat, 2011-10-22 at 23:50 +0000, Gozu-san wrote:
> I didn't mean that people are intentionally DDoSing the Tor network.
> I
> meant that the attacks on hidden-service sites may have spillover
> effects.  Let's say that SlowLoris attacks bog Apache serving some
> hidden-service site.  With enough attackers, could the site's entry
> guards become bogged? 

If the attack is actually SlowLoris, then no. SlowLoris makes Apache use
lots of resources, but it does so using very little network traffic. The
Tor nodes involved would just transfer the small amount needed for
Apache to keep the connection open and move on.

It seems like SlowLoris is the only attack you could really do on a Tor
hidden service, at least without some other vulnerability to exploit.
Anonymous's typical LOIC approach will fail miserably against a hidden
service, and that's the only thing that would end up screwing with the
network.

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk