Formless Networking wrote:
Since SYN floods can be spoofed, and since Tor nodes don't really have the resource amplification that typically makes them effective, I'm assuming it's probably just someone who forgot to take their meds for a while and/or who is just making things up to try to chill our tor node off line.
I'm certainly no networking expert, but I didn't think a SYN attack could come from a properly functioning Tor exit anyway -- w/o even getting into how rapidly the packets are sent.
I thought a SYN attack was sending the first packet for a TCP handshake and then not responding to the SYN-ACK coming back. My understanding of Tor is that a user can send information to and receive info from the target IP address via the Tor exit but that the originator has no control over the low level details of that network traffic. I.e. the handshakes (or lack thereof) are controlled by the Tor exit itself. What am I missing?
Jim