[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Hidden Services using same onion address?

Moritz Bartl wrote:

On 05.05.2011 13:08, Anon Mus wrote:
What happens if 2 Tor systems supported different Hidden Services using
same abc.onion address?

This is the hidden redundancy feature built in to Tor. The last of the
systems to publish its key is the one that receives the traffic, so
there is no load balancing, but if one of the systems go down, the other
will "automatically take over" after a period of max ~30 mins IIRC.

(Could this be used to launch a pseudo DOS/hijack attack on existing
hidden services, after they've been down, say, for a minute or 2?)

Hijacking is very unlikely as you would have to generate the same public
key. As the owner of a hidden service you can copy the keyfiles to as
many machines as you wish to achieve some level of redundancy.

Hi Moritz,

Thanks for the quick reply, this is all I needed to know.

I think that 30 mins might be a bit too long for anyone running a back-up redundant hidden service though. Its a shame you can't specify the time-out. for the hidden service or even to have some sort of random (balanced??) system. That way hidden services would not be so vulnerable to line/connection outage/blockage trace attacks - halt/block connections and see if the hidden service is lost.

tor-talk mailing list