Hi yes we agree, we think that this is the best solution, currently.We'll upgrade our hardware asap, adjust the scripts to have a dedicated Tor daemon for each virtual host and hopefully move on.
On 2014-12-07 12:42, Cyrus wrote:
It was much easier to start running every hidden service as a separate process. I did it with this lazy bash script, after moving all the hidden services into a folder called called /var/lib/tor/auto and creatinv configs in /etc/tor/users from a template called/etc/tor/torrc-unique - that template has values called %PORT% and %USER%I will improve the shell script so it is also an interface to add new hidden services, and stop old ones by name only. #!/bin/bash p="10000" cd /var/lib/tor/auto find * -type d | while read d; do cp /etc/tor/torrc-unique /etc/tor/users/torrc-$d sed -i "s/%USER%/$d/g" /etc/tor/users/torrc-$d sed -i "s/%PORT%/$p/g" /etc/tor/users/torrc-$d p=`expr $p + 1` echo "HiddenServiceDir /var/lib/tor/auto/$d" >> /etc/tor/users/torrc-$d echo "HiddenServicePort 80 192.168.0.3:80" >> /etc/tor/users/torrc-$d echo "HiddenServicePort 22 192.168.0.3:22" >> /etc/tor/users/torrc-$d tor --RunAsDaemon 1 -f /etc/tor/users/torrc-$d done fuckyouhosting@xxxxxxxxxxxxxxx wrote:On 2014-12-01 01:46, fuckyouhosting@xxxxxxxxxxxxxxx wrote:Hi List! We (try to) maintain a free hosting platform for hidden service websites, here: http://fuckyouhotwkd3xh.onion but recently all the hosted hidden services became unreachable. Tor logs are correctly reporting the problem: Dec 01 XXX [notice] Your Guard SoylentGreen (XXX) is failing more circuits than usual. Most likely this means the Tor network is overloaded. Success counts are 147/210. Use counts are 86/86. 147 circuits completed, 0 were unusable, 1 collapsed, and 1000 timed out. For reference, your timeout cutoff is 60 seconds. Dec 01 XXX [notice] Your Guard regar42 (XXX) is failing more circuits than usual. Most likely this means the Tor network is overloaded. Success counts are 122/178. Use counts are 91/92. 137 circuits completed, 15 were unusable, 0 collapsed, and 17 timed out. For reference, your timeout cutoff is 113 seconds. ... trying to change the Guard, by deleting the /var/lib/tor/state file, results in the same problem and logs, just with a different Guard. Trying to host just our hidden service (fuckyouhotwkd3xh.onion), by deleting all the other hidden services in the torrc file, 'solves' the problem .. logs looks ok and the service is reachable. It looks like we are hosting an 'offending' hidden service which is the target of a (D)DOS attack. We tried to enable Tor debugging and to sniff some traffic but were unable to find the offending hidden service. All the access.log and error.log of the hosted websites are ok, they don't grow in size and don't log any flood.Even the bandwidth usage of the server looks ok, basically there is notraffic. So .. question: is there a way to understand which hidden service is causing all this ? Suggestions are welcome! Thank you.Hi again, it looks like we are in good company:https://lists.torproject.org/pipermail/tor-talk/2014-November/035787.html (Isolatinga hidden service hit by DDOS)sorry for not noticing that before, we'll try to follow the same advises.-- CYRUSERV Onionland Hosting: http://cyruservvvklto2l.onion/ PGP public key: http://cyruservvvklto2l.onion/contact This email is just for mailing lists and private correspondence. Please use cyrus_the_great@xxxxxxxxxxxx for business inquiries.
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk