Re: [tor-bugs] #16052 [Tor]: Hidden service socket exhaustion by opening many connections
#16052: Hidden service socket exhaustion by opening many connections
------------------------+------------------------------------------
Reporter: asn | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-hs dos SponsorR SponsorU
Actual Points: | Parent ID:
Points: |
------------------------+------------------------------------------
Comment (by special):
I like "a" as a short term solution.
"d" is problematic, because we'd have to pick an appropriate metric. An
HTTP server might want to discard the oldest connections, but an IRC
server would want to stop taking new ones (or it becomes possible to kick
users off).
In general, I'm skeptical of proof of work systems. I don't think they
make much sense when your legitimate users are on mobile phones and your
illegitimate users have botnets. Making the attack more expensive for
clients is a compelling idea _if_ it could be tuned to be useful. That is
probably something we'd want to do at the circuit (not stream) level.
I'll also propose:
g) Add a "rendezvous approver" control API, which gives an opted-in
controller the chance to approve or deny all rendezvous circuit and stream
requests before they're acted upon. This would allow us to make more
complex and useful mitigations as third party software.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16052#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
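A small added model of the trade-off raised in the comment above (it is not Tor code, and the "rendezvous approver" it sketches is a hypothetical interface, not a real control-port command). It runs a constructed request stream, three legitimate long-lived users followed by one attacker opening twenty streams over two rendezvous circuits, through the two eviction metrics named for option "d" (drop the oldest stream versus reject the newcomer) and through an optional per-circuit approver in the spirit of option "g". The constructed input and the capacity of 5 are assumptions chosen to keep the numbers small.

```python
"""Toy model of mitigation options (d) and (g) for hidden-service socket
exhaustion. Constructed example; nothing here is Tor's code or API."""
from collections import OrderedDict


class ConnectionTable:
    """Open streams of one hidden service with a hard socket cap.

    policy "drop_oldest": evict the longest-lived stream to make room
    (what an HTTP service might prefer).
    policy "reject_new":  keep existing streams, refuse the newcomer
    (what an IRC-style service would prefer, so users cannot be kicked off).
    """

    def __init__(self, capacity, policy):
        if policy not in ("drop_oldest", "reject_new"):
            raise ValueError("unknown policy: %s" % policy)
        self.capacity = capacity
        self.policy = policy
        self.open = OrderedDict()  # stream_id -> owner, kept in arrival order
        self.evicted = []          # (stream_id, owner) pairs pushed out
        self.rejected = []         # stream_ids refused at the door

    def admit(self, stream_id, owner):
        if len(self.open) >= self.capacity:
            if self.policy == "reject_new":
                self.rejected.append(stream_id)
                return False
            old_id, old_owner = self.open.popitem(last=False)  # oldest first
            self.evicted.append((old_id, old_owner))
        self.open[stream_id] = owner
        return True


class PerCircuitApprover:
    """Hypothetical 'rendezvous approver' (option g): sees each stream request
    before the service acts on it and denies once a rendezvous circuit has
    opened `limit` streams. Stream-close events are ignored for simplicity;
    a real approver would decrement the count when a stream closes."""

    def __init__(self, limit):
        self.limit = limit
        self.per_circuit = {}  # circuit_id -> approved stream count
        self.denied = []

    def approve(self, stream_id, circuit_id):
        n = self.per_circuit.get(circuit_id, 0)
        if n >= self.limit:
            self.denied.append(stream_id)
            return False
        self.per_circuit[circuit_id] = n + 1
        return True


def constructed_requests():
    """Constructed input: three legitimate users arrive first, each on its own
    rendezvous circuit; then one attacker opens 20 streams over 2 circuits."""
    reqs = [("u%d" % i, "legit", "circ-L%d" % i) for i in range(1, 4)]
    reqs += [("a%d" % i, "attacker", "circ-A%d" % (i % 2)) for i in range(20)]
    return reqs


def run_scenario(policy, capacity=5, per_circuit_limit=None):
    """Replay the constructed requests and summarise who ends up holding sockets."""
    table = ConnectionTable(capacity, policy)
    approver = PerCircuitApprover(per_circuit_limit) if per_circuit_limit else None
    attacker_admitted = 0
    for stream_id, owner, circuit_id in constructed_requests():
        if approver and not approver.approve(stream_id, circuit_id):
            continue  # denied before the service ever sees the stream
        if table.admit(stream_id, owner) and owner == "attacker":
            attacker_admitted += 1
    return {
        "legit_kept": sum(1 for o in table.open.values() if o == "legit"),
        "attacker_admitted": attacker_admitted,
        "evicted_legit": sum(1 for _, o in table.evicted if o == "legit"),
        "rejected_by_table": len(table.rejected),
        "denied_by_approver": len(approver.denied) if approver else 0,
    }


if __name__ == "__main__":
    for policy in ("drop_oldest", "reject_new"):
        for limit in (None, 3):
            print(policy, "per-circuit limit", limit,
                  run_scenario(policy, per_circuit_limit=limit))
```

With "drop_oldest" the flood evicts all three legitimate users whether or not the approver is present; the approver only bounds how many attacker streams get through. With "reject_new" the legitimate users keep their sockets, and the per-circuit approver turns most of the flood away before the service has to make any eviction decision at all, which is why the choice of metric, and the point at which the decision is made, matters more than the cap itself.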