[tor-bugs] #19740 [Core Tor/Tor]: (new ?) efficient attack against an exit relay

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Jul 24 08:33:04 UTC 2016


#19740: (new ?) efficient attack against an exit relay
--------------------------+---------------------------------
 Reporter:  toralf        |          Owner:
     Type:  defect        |         Status:  new
 Priority:  Medium        |      Milestone:
Component:  Core Tor/Tor  |        Version:  Tor: 0.2.8.5-rc
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+---------------------------------

Comment (by toralf):

 Because an iptables counter rule showed over 145 million connections to
 port 80, I added 2 rules to iptables:
 {{{
   #  Tor
   #
   # limit max. number per second
   $IPT -A INPUT -p tcp --destination-port 80 --syn --match connlimit \
        --connlimit-above 1000 -j DROP
   # limit max. number per IP address
   $IPT -A INPUT -p tcp --destination-port 80 --syn --match connlimit \
        --connlimit-above 5 --connlimit-mask 32 -j DROP
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19740#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
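
Added example, not part of the ticket or of Tor's code: a simplified Python model of how the iptables connlimit match evaluates the two rules in the comment above. connlimit counts parallel connections grouped by source prefix, and `--connlimit-mask` defaults to 32 for IPv4, so a rule without it counts per source address. The function names, rule labels and sample addresses are constructed for illustration.

```python
import ipaddress

def group_key(src, mask):
    # connlimit groups sources by prefix length: 32 = single host, 0 = all hosts
    return ipaddress.ip_network(f"{src}/{mask}", strict=False)

def connlimit_match(open_conns, new_src, above, mask=32):
    """True if a new SYN from new_src matches
    '--connlimit-above <above> --connlimit-mask <mask>'.
    The count includes the new connection itself."""
    key = group_key(new_src, mask)
    count = 1 + sum(1 for s in open_conns if group_key(s, mask) == key)
    return count > above

def evaluate(open_conns, new_src, rules):
    # Rules are checked in order; the first match decides (here: DROP).
    for label, above, mask in rules:
        if connlimit_match(open_conns, new_src, above, mask):
            return label
    return "no match"

# The two rules as posted: the first has no --connlimit-mask, so mask is 32.
POSTED = [("rule1-drop", 1000, 32), ("rule2-drop", 5, 32)]
# Variant (assumption): the first rule with --connlimit-mask 0, one global group.
GLOBAL_FIRST = [("rule1-drop", 1000, 0), ("rule2-drop", 5, 32)]

# Constructed sample: 400 sources with 3 open connections each (1200 total).
OPEN = [f"10.0.{i // 250}.{i % 250 + 1}" for i in range(400) for _ in range(3)]

if __name__ == "__main__":
    # 1200 connections are open, but this source holds only 3 of them.
    print(evaluate(OPEN, "10.0.0.1", POSTED))        # no match
    print(evaluate(OPEN, "10.0.0.1", GLOBAL_FIRST))  # rule1-drop
    # A single source that already holds 5 connections hits the per-IP rule.
    busy = OPEN + ["192.0.2.7"] * 5
    print(evaluate(busy, "192.0.2.7", POSTED))       # rule2-drop
```

In the model, the first rule as posted only fires for a single source holding more than 1000 connections, which the second rule already caps at 5; a limit on the total needs `--connlimit-mask 0`.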

