[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-talk] Layer-7 DoS Attack Against WWW Tor Hidden Service
I'm the sysadmin of an unnamed computer club, we support online security and
privacy, so our website is available via a Tor hidden service. Recently, we
found a surge of CPU and RAM usage as soon as Tor has been started. A closer look
showed it was the result of a DoS script, likely a broken web crawler, or a bot
written by some script kiddies, which has been trapped inside an infinite loop
and made more than 20 requests per seconds 24 hours a day.
I have defeated the abuser by blacklisting the abused script, which takes a lot
of system resource to generate a webpage but never used by normal visitors. The
system is pretty good now, but I noticed that the Tor process still consumes
significant higher memory usage than before because of the persistent abuser.
Is there a way to limit resource usage originated from a single Tor circuit?
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to