[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] DoS attacks on multiple relays
Furthermore, nodes that think they're being smart
and protecting their nodes and the network by filtering
out who can access their OR ports... aren't... because
- A real attack from clearnet will wipe out significant
numbers of the rest of the network leaving their OR's
with far fewer left talking to them, and certainly a
whole lot of compromised talkers, which means path
discovery, correlation, manipulation, and other game
over situations.
- Attackers will simply stand up sybils and attack
from within the core.. again wiping out the network and
such "protected" boxes straight through their leeto
trusted filter holes. Oopsie, plan demolished.
- Are potentially creating segmentation breaks in
the p2p network that will get their relays flagged
down out of the consesus for obstructing node traffic.
A better use of such pedantic time would be inspecting
the code and protocols to discover and patch attack vectors
that could be used against the network, including those
that will sneak right through their filters.
Who cares, operators are independant, do what you will,
be creative, drop some pps worth of ORPort stray junk
into /dev/null, filter out whatever exit traffic content you hate,
make sure all subscribers to all blocklists can censor users,
etc, etc... a few random boxes don't make a network, let
alone a secure one.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays