[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #19984 [Core Tor/Tor]: Use a better set of comparison/evaluation functions for deciding which connections to kill when OOS



#19984: Use a better set of comparison/evaluation functions for deciding which
connections to kill when OOS
-------------------------------------------------+-------------------------
 Reporter:  nickm                                |          Owner:  nickm
     Type:  defect                               |         Status:
                                                 |  accepted
 Priority:  Low                                  |      Milestone:  Tor:
                                                 |  0.3.1.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  dos, sockets, triage-out-030-201612  |  Actual Points:
Parent ID:                                       |         Points:  2
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by nickm):

 So, what's the best strategy here?  We'd like to emphasize connections
 that are getting lots of usage, but only real usage.  The existing code
 kills whatever OR connections have the fewest circuits, and leaves
 everything else alone.  But if DirPort is open, or if we're an exit, that
 can be really bad.

 My first thought was to treat directory server connections and exit as if
 they had one circuit, and then to rank them by number of circuits along
 with the OR connections.  But maybe that's vulnerable too?  An attacker
 could just start a bunch of clients, open two circuits from each, and get
 an exit to kill off all its exit connections.  Probably not so good.

 Should we look at last-written time, or queue age, or something else?
 There may be cleverness needed.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19984#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs