[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Filtering out attacks?

On 16 May 2005 at 15:20, Roger Dingledine wrote:

Date sent:      	Mon, 16 May 2005 15:20:54 -0400
From:           	Roger Dingledine <arma@xxxxxxx>
To:             	or-talk@xxxxxxxxxxxxx
Subject:        	Re: Filtering out attacks?
Send reply to:  	or-talk@xxxxxxxxxxxxx

> I've been thinking about this periodically. My current thought is that
> we should implement some basic resource limits for technical reasons
> -- the previous instance of this was when somebody was hitting google
> a lot via Tor, and google's DoS detectors were triggering. The Tor
> server could detect this and preemptively avoid it. There are a couple
> advantages here:


> I am wary of going too far down this path, of course, because at some
> point we're making judgments about whether to allow certain content,
> and things just turn bad from there.
> --Roger

If I can make an additional suggestion, why not have Tor implement some kind packet
inspection? I believe routers around the world implement this to different degrees so I
wouldn´t consider it invasive or judgemental. It is only to guarantee communications in line
with RFC standards. This would certainly deter some abusive attacks.

I think Tor developers should not make judgements like you pointed out. But as a server op
I do reserve the right to make those decisions. I do so already by defining exit policys, for
example. In line with this thought, I would incorporate these tools as optional/configurable.
This will allow server volunteers set how much service they want to provide to the Tor
network. By incorporating them as optional you also broaden the audience of likely server
operators. In the future, how many people would volunteer knowing that they could face
abusive charges from organizations or ISPs? SPI and DoS tools are a means of reducing
these risks to the server ops.