[tor-bugs] #16052 [Tor]: Hidden service socket exhaustion by opening many connections
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue May 19 02:08:34 UTC 2015
#16052: Hidden service socket exhaustion by opening many connections
------------------------+------------------------------------------
Reporter: asn | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-hs dos SponsorR SponsorU
Actual Points: | Parent ID:
Points: |
------------------------+------------------------------------------
Comment (by MiRAGE):
I know this may be a slightly uninformed answer, but is it not strange for
any client to be dropping that many (~100) begin requests in one batch?
Wouldn't this in itself be an identifier of the potential attacker?
What if some mitigating code were added to create an exception if the begin
request count is >100, and then refuse the sendme cell?
Is there a middle ground where the server can identify a potentially risky
amount of begin requests and perhaps refuse on that basis, causing the
client to not send the circuit-level sendme cell, basically leaving the
connection on that basis to time out? This would result in only regular
traffic from user-based connections being allowed at normal request rates,
and the risky-level requests would perhaps meet a form of authentication
feature to work as a buffer for offending connections, be that a captcha
or just a dead link redirect.
"
if(beginRequests >= 90)
{
forward requests to http://doesnotexistdxddos.onion && refuse to send
sendme cell;
}
That way the flow control will allow regular traffic, but the mitigation
haphazardly represented above would narrow the band of successive or
concurrent requests from one client within a time period.
Would there be any case in which 100 begin requests would be sent at once,
at least to a regular HS, by the average client at one time?
Disallowing bulk requests if they are irregular should not present many
issues, if I'm not mistaken (I probably am mistaken; I'm quite a new
researcher in the field).
I am clearly by no means on the same level of understanding as the
previous posters, but sometimes the stupid guy says something that makes
you rethink, and maybe I'll do that.
Let me know if this helps :)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16052#comment:10>
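As an added illustration of the per-circuit threshold sketched in the comment above (example code, not Tor's own and not from the ticket): a sliding-window budget of BEGIN cells per circuit, where a circuit over budget has its BEGIN refused instead of serviced. The 90-per-60-seconds budget, the BeginLimiter name and the sample cell trace are constructed for this example.

```python
import collections
from dataclasses import dataclass, field


@dataclass
class BeginLimiter:
    """Sliding-window budget of BEGIN cells per circuit (constructed example,
    not Tor's flow control). A circuit over budget gets its BEGIN refused; the
    service would then also withhold the circuit-level SENDME and let the
    circuit idle out, as the comment proposes."""
    max_begins: int = 90      # threshold borrowed from the comment's sketch
    window_s: float = 60.0    # constructed window length, in seconds
    _seen: dict = field(default_factory=lambda: collections.defaultdict(collections.deque))

    def allow_begin(self, circ_id: int, now: float) -> bool:
        """True if circ_id may open another stream at time `now`."""
        stamps = self._seen[circ_id]
        # drop BEGINs that have aged out of the window
        while stamps and now - stamps[0] > self.window_s:
            stamps.popleft()
        if len(stamps) >= self.max_begins:
            return False          # over budget: refuse, and do not record
        stamps.append(now)
        return True


# Constructed relay-cell trace: (timestamp, circuit id, relay command).
SAMPLE_TRACE = (
    [(6.0 * i, 1, "BEGIN") for i in range(10)]   # ordinary client, ten streams a minute
    + [(5.0, 2, "BEGIN")] * 100                  # one circuit opening 100 streams at once
    + [(5.5, 2, "DATA")]                         # non-BEGIN cells are not counted
    + [(70.0, 2, "BEGIN")] * 5                   # same circuit again once the window has passed
)


def run_trace(trace, limiter=None):
    """Replay a trace through the limiter; return ({circ: accepted}, {circ: refused})."""
    limiter = limiter or BeginLimiter()
    accepted, refused = collections.Counter(), collections.Counter()
    for ts, circ, cmd in sorted(trace, key=lambda cell: cell[0]):
        if cmd != "BEGIN":
            continue
        (accepted if limiter.allow_begin(circ, ts) else refused)[circ] += 1
    return dict(accepted), dict(refused)


if __name__ == "__main__":
    acc, ref = run_trace(SAMPLE_TRACE)
    print("accepted per circuit:", acc)   # {1: 10, 2: 95}
    print("refused per circuit:", ref)    # {2: 10}
```

The ordinary circuit is never touched, while the flooding circuit gets its first 90 streams and is refused for the rest of the window; a real deployment would pick the budget from measured traffic rather than the comment's round number.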