
Re: Slashdot banning Tor?



Matt Thorne writes:

> Correct me if I am wrong, but DoS attacks would require quite a bit of
> bandwidth, and usually follow some very distinct modus operandi,
> probably noticeable by the Tor client. Is there a way to build some
> kind of DoS and DDoS protection into the Tor network or maybe even the
> client, if only to keep it from being abused in this fashion?

DoS attacks are only effective if the attacker can impose higher
resource costs on the victim than the attacker must pay to mount the
attack.

For example, an attacker can open many TCP connections to a server but
never complete them; the server must keep the half-open connection open
for a specified length of time, while the attacker can simply never
respond. On a server open to the world, this can seriously degrade or
destroy performance. Similarly, an attacker can cause some operating
systems to behave badly by setting incoherent sets of options on a TCP
circuit. Since Tor normalizes TCP packets, some types of attacks are not
possible via Tor.

The Slashdot and Wikipedia problem is entirely at the content layer, not
at the network or transport layers. Tor itself is not concerned with the
content layer.


-- 
http://www.eff.org/about/staff/#chris_palmer
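
A defender-side view of the half-open connections described in the reply above, as an added example that is not part of the original message: it counts sockets in the SYN_RECV state per remote address from text in Linux's /proc/net/tcp layout. The sample table, the threshold and the function names are constructed for illustration, and addresses are decoded assuming a little-endian host.

```python
import socket
import struct
from collections import Counter

SYN_RECV = "03"  # TCP_SYN_RECV in the Linux kernel's state numbering

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
# Addresses use documentation ranges: 192.0.2.10 local, 198.51.100.7 and
# 203.0.113.9 remote.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0A0200C0:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0A0200C0:0050 076433C6:C001 03 00000000:00000000 01:00000064 00000002     0        0 0
   2: 0A0200C0:0050 076433C6:C002 03 00000000:00000000 01:00000064 00000002     0        0 0
   3: 0A0200C0:0050 076433C6:C003 03 00000000:00000000 01:00000064 00000003     0        0 0
   4: 0A0200C0:0050 097100CB:D431 03 00000000:00000000 01:00000010 00000000     0        0 0
   5: 0A0200C0:0050 097100CB:D432 01 00000000:00000000 00:00000000 00000000    33        0 1042
"""


def decode_ipv4(hex_addr: str) -> str:
    """Turn the kernel's hex address (little-endian host assumed) into dotted form."""
    return socket.inet_ntoa(struct.pack("<I", int(hex_addr, 16)))


def half_open_by_source(proc_net_tcp: str, local_port: int) -> Counter:
    """Count SYN_RECV entries on local_port, keyed by remote IPv4 address."""
    counts = Counter()
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != SYN_RECV:
            continue
        if int(fields[1].split(":")[1], 16) != local_port:
            continue
        counts[decode_ipv4(fields[2].split(":")[0])] += 1
    return counts


def flag_sources(counts: Counter, threshold: int) -> list:
    """Return remote addresses holding at least `threshold` half-open slots."""
    return sorted(ip for ip, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    counts = half_open_by_source(SAMPLE, local_port=80)
    print("half-open total:", sum(counts.values()))
    print("per source:", dict(counts))
    print("flagged:", flag_sources(counts, threshold=3))
```

The total matters more than any single source when the remote addresses are spoofed, since each entry occupies a slot on the server whether or not the address is real.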
