[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Lawsuit threat over (unlikely?) SYN flood




Formless Networking wrote:
> Since SYN floods can be spoofed, and since Tor nodes don't really have
> the resource amplification that typically makes them effective, I'm
> assuming it's probably just someone who forgot to take their meds for a
> while and/or who is just making things up to try to chill our tor node
> off line.

I'm certainly no networking expert, but I didn't think a SYN attack
could come from a properly functioning Tor exit anyway -- w/o even
getting into how rapidly the packets are sent.

I thought a SYN attack was sending the first packet for a TCP handshake
and then not responding to the SYN-ACK coming back.  My understanding of
Tor is that a user can send information to and receive info from the
target IP address via the Tor exit but that the originator has no
control over the low level details of that network traffic.  I.e. the
handshakes (or lack thereof) are controlled by the Tor exit itself.
What am I missing?

Jim


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays