[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] botnet? abusing/attacking guard nodes by openssl?



Hi everybody

> * if all 65535 connections on an IP were open to the Tor network, and
> * the biggest Tor Guard has 0.91% Guard probability[0], then
> * it would expect to see 597 connections.

Sorry if this is a silly question, but do we know if these are Tor
clients connecting our guards? We see many connects but not much circuits.

Could someone get state by:
openssl s_client -connect tor-guard-ip:tor-guard-orport -tls1
and establish awfull many tls connects without any circuit ?

In this case there are like 64k outbound ports available and the
necessary memory/cpu for openssl is much lower than for a regular Tor
client.

-- 
Cheers, Felix
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays