[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How to protect a hidden service from DoS attacks?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] How to protect a hidden service from DoS attacks?
From: Anders Andersson <pipatron@xxxxxxxxx>
Date: Sat, 5 Mar 2011 02:33:18 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 04 Mar 2011 20:33:35 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=/d4TMuqD2w/bQI73EP6Ghnutg63dFw/bkJ8HkKJ6vq8=; b=SmWhyeYhtkFXrI0d7Fb8vu9RBA1pZ3HAHiT9997lqyFL9Jy4qVoW+NCmenDt2iJGvY ttHri9XjJ8+oivAYJr29adTg4gMScH6GRksr9vAqLB8Rm6atb1hfSZl8Lj/hWkb2dhQI gSJQf6IzhQ3bBLapUrgf0QIXc+LKHY2pna1tc=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=fkSF1dsx/gvOqvnlnh+cPHusuiWMup+UJ9gDrmZp5Toi5U3gWSOyAa05tcvovMS9jl dbLlK6zIBp97sUnBeVV6FpaSqsvL0IA29kRmlQ5m/Ql2eOwowUQbNX7Vnjw2q1vMKzAt 58VBZ1ZNF6s7tbIR/rM0L3xrcxLZPoAxRa/GI=
In-reply-to: <N1-2ApFo6JFCJ@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <N1-2ApFo6JFCJ@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

On Fri, Mar 4, 2011 at 11:09 PM,  <hikki@xxxxxxxxxxxxx> wrote:
> Is it even possible? Since everyone is your entry node's IP, if you block it,
> no one will be able to connect to your service.
>
> Some people DoS hidden services to moderate you, making them unreadable.

DoS on the "external" internet seems to be 99% overloading the server
CPU that have badly written and bloated server-side scripts. To
protect from this, don't use badly written and bloated server-side
scripts.

Depending on what you use the service for, you can try to rate-limit
everything to something that is just above usable. I suppose this
wouldn't tax your server CPU with unnecessary encryption.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] How to protect a hidden service from DoS attacks?
  - From: hikki

Prev by Author: Re: [tor-talk] Iran cracks down on web dissident technology
Next by Author: Re: [tor-talk] torrc consistency
Previous by thread: Re: [tor-talk] How to protect a hidden service from DoS attacks?
Next by thread: [tor-talk] I migrated my node...
Index(es):
- Author
- Thread