[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] syn flood iptables rule

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] syn flood iptables rule
From: Toralf Förster <toralf.foerster@xxxxxx>
Date: Wed, 24 Feb 2021 20:44:45 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 24 Feb 2021 14:44:58 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1614195886; bh=QJVzJ1iPedgyec/heSiNoiorxNklI6i1Rhnlp5S8+rM=; h=X-UI-Sender-Class:Subject:To:References:From:Date:In-Reply-To; b=XSVmKKIjUYRdpVT2MPx2ySPpmzv4V9jKdZXyGSkplSY1HTNZ5Kut2amo7qVONsKUr lEdHLa2a7SjPxn5ViElE2wBW97Hud0MqEm4xK/gpaoLZOZjkxK1M3qH3cbg+KYZgPR OHJM9vQ4Xi5Mjh8OTczJfAMfSDu/W73GRLQvYODw=
In-reply-to: <CAFDuK3OGW6gwaVyh1W=4Po1PzmWWHSXh2xVH8ME9=uRQ+AKgsA@mail.gmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <eace1eef-86e1-58df-9fd3-a10c24eeb412@gmx.de> <CAFDuK3OGW6gwaVyh1W=4Po1PzmWWHSXh2xVH8ME9=uRQ+AKgsA@mail.gmail.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1

On 2/22/21 7:29 PM, William Kane wrote:

A hard limit of 9 might be a little too low - then again, a legit,
unmodified tor binary would hold it's TCP connection established for
as long as needed -

Hhm, I'm really under the impression that even 5 or 4 should be enough.
If a client connects more often than every 15 seconds to its guard or a
relay opens a conenction for more often than 4x per minute to another
relay - then they are modified, or ?

--
Toralf
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] syn flood iptables rule
  - From: Toralf Förster
- Re: [tor-relays] syn flood iptables rule
  - From: William Kane

Prev by Author: Re: [tor-relays] Huge increase in bridge connections
Next by Author: [tor-relays] ulyssa
Previous by thread: Re: [tor-relays] syn flood iptables rule
Next by thread: Re: [tor-relays] syn flood iptables rule
Index(es):
- Author
- Thread