[tor-bugs] #16052 [Tor]: Hidden service socket exhaustion by opening many connections
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat May 16 21:31:31 UTC 2015
#16052: Hidden service socket exhaustion by opening many connections
------------------------+------------------------------------------
Reporter: asn | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-hs dos SponsorR SponsorU
Actual Points: | Parent ID:
Points: |
------------------------+------------------------------------------
Comment (by special):
Replying to [comment:6 arma]:
> Replying to [comment:5 special]:
> > g) Add a "rendezvous approver" control API, which gives an opted-
in controller the chance to approve or deny all rendezvous circuit and
stream requests before they're acted upon. This would allow us to make
more complex and useful mitigations as third party software.
>
> Can you flesh out the decision process that such a mitigator might use?
If you have anything non-trivial, a new ticket is probably best here.
I created #16059, including a list of potential use cases. Most of them
are not very helpful against DoS on a HTTP-based service, but others may
have ideas.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16052#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list