[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] could Tor devs provide an update on DOS attacks?

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] could Tor devs provide an update on DOS attacks?
From: starlight.2017q4@xxxxxxxxxxx
Date: Sun, 31 Dec 2017 21:04:23 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 31 Dec 2017 21:05:02 -0500
In-reply-to: <6.2.5.6.2.20171230201745.04d4a870@binnacle.cx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <6.2.5.6.2.20171230152509.04815638@example.org> <20171230232527.GH5371@moria.seul.org> <6.2.5.6.2.20171230201745.04d4a870@binnacle.cx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

At 07:36 12/31/2017 -0500, I wrote:
>
>. . . suggest adding support for circuit-extend rate-limiting of some kind or another. . .

Further in support of the request, for _12_hours_ preceding the most recent crash, the daemon reported:

Your computer is too slow to handle this many circuit creation requests. . .
[450043 similar message(s) suppressed in last 60 seconds]

and for the attack on the fast exit machine:

[1091489 similar message(s) suppressed in last 60 seconds]

I see no reason _any_ router should _ever_ have to handle this volume of circuit requests.  DOS attacks no doubt whatsoever.  Rate limit is needed to mitigate the problem.

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] could Tor devs provide an update on DOS attacks?
  - From: starlight . 2017q4
- Re: [tor-relays] could Tor devs provide an update on DOS attacks?
  - From: Roger Dingledine
- Re: [tor-relays] could Tor devs provide an update on DOS attacks?
  - From: starlight . 2017q4

Prev by Author: [tor-relays] could Tor devs provide an update on DOS attacks?
Next by Author: Re: [tor-relays] could Tor devs provide an update on DOS attacks?
Previous by thread: Re: [tor-relays] could Tor devs provide an update on DOS attacks?
Index(es):
- Author
- Thread