Just out of curiosity, do DoS attacks against dirports even happen?
My server gets nailed by what my host thinks is a DOS every now and then but I'm yet to get details.
Does anyone have a good idea on how I would be able to classify traffic as an attack rather than normal "shitloads of traffic" ?
On Tue, Aug 15, 2017 at 5:22 PM, Roger Dingledine arma@mit.edu wrote:
On Tue, Aug 15, 2017 at 11:52:31PM +0200, Toralf Förster wrote:
Does a particular Tor server/client will open more than 1 connection at a time from to the DirPort ?
I think we definitely want to support that in the protocol.
I'm not sure whether it happens right now, but it might.
But preventing it from happening is likely bad.
Note that most clients use the ORPort for fetching directory stuff, and that's heading towards "all clients" as people upgrade and stop using weird configurations. So the DirPort is mainly used on authorities (by relays that fetch dir stuff or upload relay descriptors), and by auxiliary tools like stem and the various metrics project scripts.
If you're worried about denial of service issues on the DirPort, maybe the simple answer is to turn off the DirPort? I think the only real impact might have something to do with whether old clients believe that you're a usable guard.
--Roger
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays