Hi Folks,
There have been some technical reports about how to deal with the problem when a botnet uses Tor as its primary C&C channel. In this case, the CPU of some relays is exhausted, causing circuit creation failure.
I am wondering currently how a client reacts when its circuit creation fails? Does the client simply resends create cells to the relays on the original path or it will re-select a new path instead?
Thanks
On 14 Sep 2016, at 07:28, Liu, Zhuotao zliu48@illinois.edu wrote:
Hi Folks,
There have been some technical reports about how to deal with the problem when a botnet uses Tor as its primary C&C channel. In this case, the CPU of some relays is exhausted, causing circuit creation failure.
I am wondering currently how a client reacts when its circuit creation fails? Does the client simply resends create cells to the relays on the original path or it will re-select a new path instead?
I think the Tor client selects a new path, with a new Exit, HSDir, Intro Point, or Rendezvous Point (within various constraints). In the Exit case, it will try 3 different paths to 3 Exit relays that claim to allow exiting to the port it wants, then return a failure to the application that made the request.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org
Thanks for your notes. Tim. :)
________________________________________ From: tor-dev [tor-dev-bounces@lists.torproject.org] on behalf of teor [teor2345@gmail.com] Sent: Tuesday, September 13, 2016 19:42 To: tor-dev@lists.torproject.org Subject: Re: [tor-dev] Tor path selection upon failure
On 14 Sep 2016, at 07:28, Liu, Zhuotao zliu48@illinois.edu wrote:
Hi Folks,
There have been some technical reports about how to deal with the problem when a botnet uses Tor as its primary C&C channel. In this case, the CPU of some relays is exhausted, causing circuit creation failure.
I am wondering currently how a client reacts when its circuit creation fails? Does the client simply resends create cells to the relays on the original path or it will re-select a new path instead?
I think the Tor client selects a new path, with a new Exit, HSDir, Intro Point, or Rendezvous Point (within various constraints). In the Exit case, it will try 3 different paths to 3 Exit relays that claim to allow exiting to the port it wants, then return a failure to the application that made the request.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org
-
Liu, Zhuotao -
teor