[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Tor and slow DOS attacks

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Tor and slow DOS attacks
From: coderman <coderman@xxxxxxxxx>
Date: Wed, 24 Aug 2011 14:20:11 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 24 Aug 2011 17:20:31 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=y8uet53cmpXrQnU7tQMKpQzm+qWpWn7h1kQnRpTBdrQ=; b=kXL+JPdCSqEYgdAQFBk+CID9TaHfnPjzqEPBAkUPK4gZIOsYk4jx7lMfzC5rW5B4FO pECk4KvQc+0kjhXLrshgk/iQDupQHdyjtUXwvhjN77DOUmoUYsl7TtuoV0WC9fI1f2qT euK6ly85SKNiQDhsEnn+HHOsBuTIx50qLMIBM=
In-reply-to: <4E554F1C.1080306@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for discussion by the developers of Tor." <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <4E524B95.8020608@xxxxxxx> <4E554F1C.1080306@xxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx

On Wed, Aug 24, 2011 at 12:21 PM, Georg Koppen <g.koppen@xxxxxxxxx> wrote:
> ...
> [blah blah] about the rise of slow DOS attacks and that Tor could play
> an important role in it
> ... I am wondering whether there is already some
> effort under way to detect and ban such kind of traffic. Or should there
> be such effort at all?

there should not be an effort.  or better said, slow DoS protections
begin in design stage, continue through development and are supported
by operations.

in nearly every instance of a successful slow DoS there is a negligent
or incompetent sysadmin or developer (or both!) at fault.

the fact that millions of poorly configured webservers are unable to
service requests to their poorly designed and implemented webapps
should have no bearing on Tor efforts or exit traffic.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] Survey on Tor Trac usage and how you manage your tasks
  - From: Karsten Loesing
- [tor-dev] Tor and slow DOS attacks
  - From: Georg Koppen

Prev by Author: [tor-dev] Blocking-Test: GSoC Penultimate Status Report
Next by Author: Re: [tor-dev] Survey on Tor Trac usage and how you manage your tasks
Previous by thread: [tor-dev] Tor and slow DOS attacks
Next by thread: Re: [tor-dev] Tor and slow DOS attacks
Index(es):
- Author
- Thread