<div dir="ltr">-----BEGIN PGP SIGNED MESSAGE-----<br>Hash: SHA1<br><br>It looks like you have DoSed some of the faster Tor relays out there,<br>and then Tor stopped working as well for you. Perhaps these were your<br>entry guards, so you were particularly strongly affected?<br>
Tor did not stop serving me. He served me with errors. It is big<br>difference. In first case, it should be absolutely OK.<br><br>Of course, relay dont know, if he is serving 500 users or 500<br>connection of one user, but no matters. If it is problem of capacity<br>
of relay, it should not accept next connection, if it is full.<br><br>And you can do a CPU denial of service too, not just a bandwidth denial<br>of service, as you say.<br><br>I think it isnt answer. This looks like exact and repeatable bug.<br>
Ofcourse, im not Tor specialist, so I cannot say 'it is bug in<br>filefoo.c'. While I worked as programmer (now Im only architect,<br>so Im missing contact with sources), I made server systems with<br>massive parallel access and millions of daily visitors (simply, I was<br>
developer of <a href="http://centrum.cz">centrum.cz</a>). With this experience, I never see problem<br>like this. Every server system should reject next connection, when its<br>full. Of course, there is some possibility, that server power is not<br>
used for the edge, but it is much more secure.<br><br>I dont know exact defence mechanisms in Tor, Im just using Tor API.<br>But I think it is very dangerous, that there is simple possibility to<br>break communication with one simple computer on 256kbit upload link.<br>
Try it against any other server application... As I wrote, I think it<br>should be perfect, if node, which is reaching its limit on CPU/opened<br>sockets/whatever should reject all other connection. But I was very<br>surprised, when it served me with pages I never seen. It is security<br>
problem I think.<br> I guess we can put some checks for this particular attack in, for example<br>by rate limiting the number of create attempts from a Tor not listed<br>in the directory. But I fear that stopping all DoS avenues is a losing<br>
Im listed in directory, because Im running Tor relay.<br> <br>proposition. It's hard enough to build a system that handles many users<br>well even when they are all playing nice.<br>I know very well, what you mean, trust me :-). <br>
<br>Marek<br><br>-----BEGIN PGP SIGNATURE-----<br>Version: GnuPG v1.4.6 (GNU/Linux)<br>Comment: <a href="http://getfiregpg.org">http://getfiregpg.org</a><br><br>iD8DBQFIfuHhr7KgZiv8EokRAmEkAKDq5FXPFBUopWQq6ZcKzy4MnYsBDQCdHPDP<br>
tN+mTKWH6KTeMlg0Wy2j55o=<br>=vihL<br>-----END PGP SIGNATURE-----<br><br><br></div>