[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] DDOS alerts from my provider



On Donnerstag, 8. August 2024 22:20:35 CEST eff_03675549@xxxxxxxxx wrote:
> Hi Rafo,
> 
> My apologies for the late reply in your request for the code on banning
> tor exits into *GUARDS or middle-relays*

Before many people copy this, a note:
A relay with exit flag is MOSTLY used for exit traffic but not ONLY.
A Tor-exit can also act as a guard or middle relay in a circuit.

And especially .onion services are broken:
All relays, including exits, can be Introduction & rendevous point, HSDir, 
EntryNodes, HSLayer2Nodes and HSLayer3Nodes in Onion Service Circuits.

Blocking relays should only happen in exceptional cases, e.g. DOS or DDoS. And 
then only dynamically, e.g. with IP/NFtables for 12-48 hours.

-- 
╰_╯ Ciao Marco!

Debian GNU/Linux

It's free software and it gives you freedom!

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays