[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] attacks on Tor hidden services

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] attacks on Tor hidden services
From: Gozu-san <gozu@xxxxxxxxxxxx>
Date: Sat, 22 Oct 2011 23:50:49 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 22 Oct 2011 19:52:07 -0400
In-reply-to: <20111022144221.GC17631@xxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <4E9F3B5B.2040807@xxxxxxxxxxxx> <20111022035059.GA14508@xxxxxxxxxxxxxxxx> <4EA2460D.6020908@xxxxxxxxxxxx> <20111022144221.GC17631@xxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

On 22/10/11 14:42, andrew@xxxxxxxxxxxxxx wrote:

> On Sat, Oct 22, 2011 at 04:26:53AM +0000, gozu@xxxxxxxxxxxx
> wrote 1.1K bytes in 26 lines about:

> : According to the operator of Freedom Hosting on 2011-10-19:
> : > Recently FH was the victim of DoS attacks which resulted in
> : > unavailability of php or mysql on hosted sites.
> : > A user registered an account and used it to run extremely
> : > slow mysql queries among other things to purposely harm
> : > the server.
> 
> These aren't attacks on hidden services. These are attacks
> on php, mysql, and apache running behind a hidden service.

OK, I get the distinction.  It would have been more accurate for me to
say "attacks on hidden-service sites".

> : that I've created, with addresses that I alone know.
> : I suspect that #OpDarknet has figured out how to DDoS Tor.
> 
> I suspect not. I run many hidden services, all are
> reachable without issues.

That's good to know.

> There are pleny of bugs in hidden services, and we're
> working to fix them. However, this doesn't seem like an
> attack on hidden services, but rather the software behind
> the service.

I didn't mean that people are intentionally DDoSing the Tor network.  I
meant that the attacks on hidden-service sites may have spillover
effects.  Let's say that SlowLoris attacks bog Apache serving some
hidden-service site.  With enough attackers, could the site's entry
guards become bogged?

Also, once hidden-service sites have bogged, are they flagged as
unresponsive by their entry guards, or elsewhere in the Tor network?

> Time will tell.

Indeed.  Thank you.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] attacks on Tor hidden services
  - From: Ted Smith

References:
- [tor-talk] attacks on Tor hidden services
  - From: Gozu-san
- Re: [tor-talk] attacks on Tor hidden services
  - From: andrew
- Re: [tor-talk] attacks on Tor hidden services
  - From: Gozu-san
- Re: [tor-talk] attacks on Tor hidden services
  - From: andrew

Prev by Author: Re: [tor-talk] attacks on Tor hidden services
Next by Author: Re: [tor-talk] attacks on Tor hidden services
Previous by thread: Re: [tor-talk] attacks on Tor hidden services
Next by thread: Re: [tor-talk] attacks on Tor hidden services
Index(es):
- Author
- Thread