On 2/16/18 12:23, nusenu wrote:
I was wondering if these unfriendly tor clients are using tor's default
path selection or something else.
We think they are using Tor's bandwidth weights, but without entry guards. They may be using one of the buggy versions that assigns exits a non-zero weight.
If they do tor exit relays would have much smaller values in their DoS stats, right?
My exit has smaller DoS stats and connections than my guards. And my higher-weighted guards have more connections than my lower-weighted guards.
These DoS stats are from one of my guards:
Would any tor exit operator (listed bellow) running 0.3.3.2-alpha be willing to share (obfuscated/not exact
counters) of their DoS log entries? (only if you do not have any additional firewall rules filtering packets)
I run an 0332-alpha relay with no extra firewall rules.4B084AD6A0BA70761A333829F52042BB6EA009AFIn case the following gets wrapped and ruined: https://paste.debian.net/1010648/Feb 16 01:50:55.000 [notice] Since startup, we have initiated x v1 connections, x v2 connections, x v3 connections, and 5xxxx v4 connections; and received 5x v1 connections, 1xx v2 connections, 9xx v3 connections, and 4xxxxx v4 connections.Feb 16 01:50:55.000 [notice] DoS mitigation since startup: x circuits rejected, x marked addresses. x connections closed. 2xx single hop clients refused.
On my guards, each of these figures is much higher.
But the "single hop clients refused" figure is proportional to the bandwidth (my figure is 8x, and my bandwidth is 5x). So those clients may be using raw bandwidth weights rather than middle weights.
T |