[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #16052 [Tor]: Hidden service socket exhaustion by opening many connections

Subject: Re: [tor-bugs] #16052 [Tor]: Hidden service socket exhaustion by opening many connections
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sat, 16 May 2015 21:31:31 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 16 May 2015 17:31:39 -0400
In-reply-to: <043.be601ca0a8f7521c114f2fd033cf8772@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <043.be601ca0a8f7521c114f2fd033cf8772@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#16052: Hidden service socket exhaustion by opening many connections
------------------------+------------------------------------------
     Reporter:  asn     |      Owner:
         Type:  defect  |     Status:  new
     Priority:  normal  |  Milestone:  Tor: 0.2.7.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  tor-hs dos SponsorR SponsorU
Actual Points:          |  Parent ID:
       Points:          |
------------------------+------------------------------------------

Comment (by special):

 Replying to [comment:6 arma]:
 > Replying to [comment:5 special]:
 > >     g) Add a "rendezvous approver" control API, which gives an opted-
 in controller the chance to approve or deny all rendezvous circuit and
 stream requests before they're acted upon. This would allow us to make
 more complex and useful mitigations as third party software.
 >
 > Can you flesh out the decision process that such a mitigator might use?
 If you have anything non-trivial, a new ticket is probably best here.

 I created #16059, including a list of potential use cases. Most of them
 are not very helpful against DoS on a HTTP-based service, but others may
 have ideas.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16052#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #16052 [Tor]: Hidden service DoS by hammering RELAY_BEGIN
  - From: Tor Bug Tracker & Wiki

Prev by Author: [tor-bugs] #16059 [Tor]: Add a "rendezvous approver" control API
Next by Author: Re: [tor-bugs] #15844 [Onionoo]: Develop database schema to support Onionoo's search parameter efficiently
Previous by thread: Re: [tor-bugs] #16052 [Tor]: Hidden service socket exhaustion by opening many connections
Next by thread: Re: [tor-bugs] #16052 [Tor]: Hidden service socket exhaustion by opening many connections
Index(es):
- Author
- Thread