[tor-bugs] #28367 [Core Tor/Tor]: RFE additional DOS mitigations for exits

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Nov 8 04:04:14 UTC 2018


#28367: RFE additional DOS mitigations for exits
--------------------------+----------------------------------
 Reporter:  starlight     |          Owner:  (none)
     Type:  enhancement   |         Status:  closed
 Priority:  Medium        |      Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |        Version:  Tor: unspecified
 Severity:  Normal        |     Resolution:  duplicate
 Keywords:  tor-dos       |  Actual Points:
Parent ID:  #24797        |         Points:
 Reviewer:                |        Sponsor:
--------------------------+----------------------------------

Comment (by starlight):

 Another point to think about is rate limiting of connections.  Scanners
 generally operate by extending a number of circuits to an exit and then
 rapidly opening streams / edge_connections on each, so an effective way to
 mitigate this form of behavior is to have a rate limit that curtails or
 kills circuits that rapidly initiate connections while leaving calmer
 circuits untouched.  The first priority flesh-and-blood users who brows
 the web can continue unharassed while bots get squelched.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28367#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list