[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #27066 [Core Tor/Tor]: circuit_build_times_update_alpha(): Bug: Could not determine largest build time
#27066: circuit_build_times_update_alpha(): Bug: Could not determine largest build
time
---------------------------------------+-----------------------------------
Reporter: cstest | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
| 0.3.5.x-final
Component: Core Tor/Tor | Version: Tor: 0.3.3.9
Severity: Normal | Resolution:
Keywords: 034-backport 033-backport | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
---------------------------------------+-----------------------------------
Comment (by cstest):
Server was using v2 domains and because some attacker on tor level might
be doing some tor wide non effective DDoS attack or trying to deanonymize
users, during last couple of months I am finding lots of below log lines:
{{{
Hidden service ............. exceeded launch limit with 10 intro points in
the last 11 seconds. Intro circuit launches are limited to 10 per 300
seconds. [461 similar message(s) suppressed in last 300 seconds]
}}}
That's why I have tried v3 services because v3 domains are not listed
publicly.
In my torrc there are no ExcludeNodes or anything else that could have
impact on path. Anyway, v2 domains were and are working fine. No
configuration changes, just removed "HiddenServiceVersion 3" when
generating new domains.
Almost all those weird log lines started to appear after CBT warning,
except above mentioned "exceeded launch limit with 10 intro points" and
"Your network connection speed appears to have changed." which is related
to probable v2 attack as I have said above.
This issue happens only when v3 domains are activated, together with
couple of v2 domains. There are no problems when only v2 domains are
active. And it does not happen immediately but several hours after
activating v3 domains. To repeat this it is not required only to generate
100 v3 domains but users must keep trying to access them.
As you can see in
{{{
Aug 07 00:02:15.000 [notice] Our hidden services received 41808 v2 and 18
v3 INTRODUCE2 cells and attempted to launch 42259 rendezvous circuits.
........
Aug 07 06:02:15.000 [notice] Our hidden services received 42361 v2 and
1813 v3 INTRODUCE2 cells and attempted to launch 45315 rendezvous
circuits.
........
Aug 07 12:02:15.000 [notice] Our hidden services received 42549 v2 and
4072 v3 INTRODUCE2 cells and attempted to launch 48084 rendezvous
circuits.
........
Aug 07 18:02:16.000 [notice] Our hidden services received 43651 v2 and
13413 v3 INTRODUCE2 cells and attempted to launch 60870 rendezvous
circuits.
}}}
number of v2 introduce cells decreased because during that period I have
had only couple of v2 domains and number of v3 introduce cells increased
even tho not a single user could connect through v3 domain after CBT
issue. CBT issue appeared on "Aug 07 04:45:49.000".
System clock was and is correct.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27066#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs