[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #29919 [- Select a component]: Tor DOS attack help, can a dev take this seriously please?

To: undisclosed-recipients: ;
Subject: [tor-bugs] #29919 [- Select a component]: Tor DOS attack help, can a dev take this seriously please?
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 27 Mar 2019 11:46:23 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 27 Mar 2019 07:46:34 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#29919: Tor DOS attack help, can a dev take this seriously please?
-----------------------+--------------------------------------
 Reporter:  HelpDOS    |          Owner:  (none)
     Type:  defect     |         Status:  new
 Priority:  Very High  |      Component:  - Select a component
  Version:             |       Severity:  Normal
 Keywords:             |  Actual Points:
Parent ID:             |         Points:
 Reviewer:             |        Sponsor:
-----------------------+--------------------------------------
 Multiple times in the past, I and other hidden service operators have
 published tickets for help with extreme DoS attacks that are preventing
 our hidden services from being accessed. This seems like a complete flaw
 in how Tor works and there is no logical solution in sight.

 One reference from an operator I have spoken with:
 https://trac.torproject.org/projects/tor/ticket/29607

 Exact same attack as myself and we were both initially able to prevent it
 until the attacker changed their method.

 At first the attack was overloading the Tor process CPU of 100% and so new
 connections could not be processed. After running Tor-vanguards add-on I
 found a recurring fingerprint for an authority relay was being used for
 the attack. I excluded the fingerprint in my Torrc and immediately the
 site was back online. He then changed to ANOTHER authority relay, which
 seems strange to be a coincidence considering they are low bandwidth
 relays so wouldn't make sense to me to use in this type of attack.

 Again, blocked this fingerprint and then the attack completely changed and
 is seemingly undiscoverable other than a few warnings that stick out in
 the logs, but they aren't much help.

 Any suggestions we have been given we have tried to no avail. The
 difference with this ticket, if a Tor dev is actually willing to put some
 time into investigating, I can provide full server access to an under
 attack hidden service so it can be actively monitored and hopefully
 resolved. I beg that someone helps with this, it has been going on for
 years with no real solutions to similar attacks.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29919>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #29919 [Core Tor/Tor]: Tor DOS attack help, can a dev take this seriously please?
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #29919 [Core Tor/Tor]: Tor DOS attack help, can a dev take this seriously please?
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #29919 [Core Tor/Tor]: Tor DOS attack help, can a dev take this seriously please?
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #29919 [Core Tor/Tor]: Tor DOS attack help, can a dev take this seriously please?
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #29919 [- Select a component]: Tor DOS attack help, can a dev take this seriously please?
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #29919 [Core Tor/Tor]: Tor DOS attack help, can a dev take this seriously please?
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #29919 [- Select a component]: Tor DOS attack help, can a dev take this seriously please?
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #29919 [- Select a component]: Tor DOS attack help, can a dev take this seriously please?
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #29434 [Core Tor/Tor]: Consider removing linux-tor-prio.sh from contrib/operator-tools
Next by Author: Re: [tor-bugs] #29795 [Community/Translations]: Add new Torbutton file securityLevel.properties to the translations repo
Previous by thread: Re: [tor-bugs] #29918 [Community/Tor Support]: add Trademark FAQ to the support portal
Next by thread: Re: [tor-bugs] #29919 [- Select a component]: Tor DOS attack help, can a dev take this seriously please?
Index(es):
- Author
- Thread