[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-relays] DirPort DOS activity against Fallback Directories



Recently I noticed excessive DirPort requests to my relay, where DirPort bandwidth reached 15% of ORPort bandwidth.  Normal DirPort load is around 2%.

https://lists.torproject.org/pipermail/tor-relays/2018-May/015253.html

Just looked over a sample of FallBackDir relays in Relay Search and
it appears this excess-load abuse is directed at them in particular.
Some fall-back directories show more than a month of excess request
traffic, presumably on the DirPort.  Logs here indicate six weeks
of abuse escalating in increments.  Possibly this foreshadows a major
increase in an effort to impair FallBackDir relay functionality.

Either an iptables connection-rate limit or disabling DirPort
resolves the problem.

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays