
Re: [tor-relays] DoS attacks are real (probably)



On Mon, December 11, 2017 1:40 pm, Alex Xu wrote:
> tl;dr: run this:
>
>     conntrack -L -p tcp --dport 9001 | awk '{print $5}' | sort | uniq -c | sort -n

Thanks for the detailed analysis.

> ignore numbers less than 10. the remaining output should consist of the
> following:

...

> are not NATed IPs, a high limit is not justified. I recommend against
> the blanket approach suggested previously of limiting whole sets of
> /24s, since that may inadvertently block mobile clients and is not
> effective against the current attack. As mentioned in the previous

I agree the approach of /24 connlimit is not a good approach for Exit
nodes. But for relays only, it worked fine for me and others.

cheers.

--
x9p | PGP : 0x03B50AF5EA4C8D80 / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE
1524 E7EE

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
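
An added example, not part of the original thread: the per-source count from the quoted one-liner next to the same count aggregated per /24, run over constructed conntrack lines, to show how a /24-wide threshold can flag a block in which no single address is above the "ignore numbers less than 10" cutoff. The function names, the sample addresses (documentation ranges) and the IPv4-only parsing are assumptions of this example.

```shell
#!/bin/sh
# Constructed sample in the line format printed by
# `conntrack -L -p tcp --dport 9001` (field 5 is the original src=).
sample_conntrack() {
  i=0
  while [ "$i" -lt 12 ]; do      # one address holding 12 connections
    echo "tcp      6 431990 ESTABLISHED src=192.0.2.7 dst=203.0.113.1 sport=$((40000+i)) dport=9001 src=203.0.113.1 dst=192.0.2.7 sport=9001 dport=$((40000+i)) [ASSURED] mark=0 use=1"
    i=$((i+1))
  done
  i=1
  while [ "$i" -le 11 ]; do      # 11 different addresses in one /24, 1 each
    echo "tcp      6 431990 ESTABLISHED src=198.51.100.$i dst=203.0.113.1 sport=50000 dport=9001 src=203.0.113.1 dst=198.51.100.$i sport=9001 dport=50000 [ASSURED] mark=0 use=1"
    i=$((i+1))
  done
}

# Print "count address" for every source address with >= $1 connections.
per_ip() {
  awk -v min="$1" '
    { sub(/^src=/, "", $5); n[$5]++ }
    END { for (ip in n) if (n[ip] >= min) print n[ip], ip }' | sort -n
}

# Same count, but keyed on the source /24 (IPv4 only, an assumption here).
per_slash24() {
  awk -v min="$1" '
    { sub(/^src=/, "", $5); split($5, o, ".")
      n[o[1] "." o[2] "." o[3] ".0/24"]++ }
    END { for (p in n) if (n[p] >= min) print n[p], p }' | sort -n
}

echo "per address (>= 10):"; sample_conntrack | per_ip 10
echo "per /24 (>= 10):";     sample_conntrack | per_slash24 10
```

On a live relay, pipe the real `conntrack -L -p tcp --dport 9001` output into the two functions instead of `sample_conntrack`.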