[tor-bugs] #16052 [Tor]: Hidden service socket exhaustion by opening many connections

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat May 16 20:31:29 UTC 2015


#16052: Hidden service socket exhaustion by opening many connections
------------------------+------------------------------------------
     Reporter:  asn     |      Owner:
         Type:  defect  |     Status:  new
     Priority:  normal  |  Milestone:  Tor: 0.2.7.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  tor-hs dos SponsorR SponsorU
Actual Points:          |  Parent ID:
       Points:          |
------------------------+------------------------------------------

Comment (by special):

 I like "a" as a short term solution.

 "d" is problematic, because we'd have to pick an appropriate metric. An
 HTTP server might want to discard the oldest connections, but an IRC
 server would want to stop taking new ones (or it becomes possible to kick
 users off).

 In general, I'm skeptical of proof of work systems. I don't think they
 make much sense when your legitimate users are on mobile phones and your
 illegitimate users have botnets. Making the attack more expensive for
 clients is a compelling idea _if_ it could be tuned to be useful. That is
 probably something we'd want to do at the circuit (not stream) level.

 I'll also propose:

     g) Add a "rendezvous approver" control API, which gives an opted-in
 controller the chance to approve or deny all rendezvous circuit and stream
 requests before they're acted upon. This would allow us to make more
 complex and useful mitigations as third party software.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16052#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
