[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #15463 [Tor]: Tor deals poorly with a very large number of incoming connection requests.

Subject: Re: [tor-bugs] #15463 [Tor]: Tor deals poorly with a very large number of incoming connection requests.
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 31 Mar 2015 23:29:44 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 31 Mar 2015 19:29:58 -0400
In-reply-to: <047.35b49959a3774254f52d050d56383f53@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.35b49959a3774254f52d050d56383f53@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#15463: Tor deals poorly with a very large number of incoming connection requests.
--------------------------+--------------------------------------
     Reporter:  alberto   |      Owner:
         Type:  defect    |     Status:  new
     Priority:  critical  |  Milestone:  Tor: 0.2.7.x-final
    Component:  Tor       |    Version:  Tor: 0.2.5.11
   Resolution:            |   Keywords:  tor-hs SponsorR SponsorZ
Actual Points:            |  Parent ID:
       Points:            |
--------------------------+--------------------------------------

Comment (by asn):

 I managed to reproduce this and do a few tests with short-term solutions:
 - Decreasing `MAX_REND_FAILURES` didn't really help.
 - Completely disabling relaunches and killing rend circuit on first
 timeout did not help either.
 - Hard-coding the second hop (with my `sticky_mids` branch) in an attempt
 to reduce path selection CPU time did not really help either.

 Another thought. Can we figure out whether such volume of `INTRODUCE1`
 cells is possible without #15515? If the attacker is not using #15515, and
 the IP can handle that many circuits, why can't our hidden service also
 handle them? If the attacker is using #15515, we should really fix it.
 A small info that might point towards #15515, is that on the first logs,
 the HS had 3 IPs. The first IP sent us 11k `INTRODUCE2` cells, the second
 3.5k `INTRODUCE2` cells, and the last only 200. Similarly, on the last
 logs the first IP sent 6k `INTRODUCE2` cells, the second 3k `INTRODUCE2`
 cells and the last about 50. What I'm trying to say here friends is that
 the distribution is not uniform as would be expected by a normal client,
 and also the two distributions are quite similar.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15463#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #15463 [Tor]: TOR CPU load 100%. Hidden service unavailable. Maybe zero-day vulnerability circuit storm.
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #10864 [Tor Browser]: Please create a specific âUnable to connectâ page
Next by Author: Re: [tor-bugs] #12505 [BridgeDB]: Refactor BridgeDB's hashrings (was: Refactor Bridges.py and Dist.py in BridgeDB)
Previous by thread: Re: [tor-bugs] #15463 [Tor]: Tor deals poorly with a very large number of incoming connection requests.
Next by thread: [tor-bugs] #15464 [BridgeDB]: BridgeDB's continuous integration setup steps should be separate scripts
Index(es):
- Author
- Thread