[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #27921 [Core Tor/Tor]: apparent DOS / impairment-of-service against FallbackDirs using DIR requests, please evaluate for possible mitigation
#27921: apparent DOS / impairment-of-service against FallbackDirs using DIR
requests, please evaluate for possible mitigation
--------------------------+------------------------------------
Reporter: starlight | Owner: (none)
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version: Tor: 0.3.4.1-alpha
Severity: Normal | Resolution:
Keywords: tor-dos | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------------
Comment (by teor):
Replying to [ticket:27921 starlight]:
> The attacker enhanced their botware to request via OR port and the
problem is back. In the previous 24-hour stats window DIR requests
increased output load on the relay by 17%. In the current cycle the
increase is 12%.
This is interesting. Tor clients on 0.2.8 and later only use the ORPort.
And relays on 0.2.9(?) or later will fall back to the ORPort when the
DirPort doesn't work.
Replying to [comment:8 starlight]:
> modified the daemon to reject /tor/server/d/<hash> requests with a 404;
crushed the cockroach
>
> /tor/micro/d/<hash> left alone, quite a few .z requests for these
presumably from booting relays and clients
>
> any objection? any valid purpose for which this request type is
critical?
Since 0.2.3.25, clients use microdescs by default. Since 0.3.0.6, relays
use microdescriptors by default for building circuits, but most relays are
directory caches, so they still download full descriptors.
So this is either a relay, or a client with UseMicrodescriptors 0 set. (Or
similar options.)
I wonder if this is a bug in Tor. If it is, it seems to affect relays (or
old clients). Are the addresses making these requests in the consensus as
relays?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27921#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs