[tor-bugs] #29637 [Core Tor]: Tor exploit
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Mar 2 22:10:08 UTC 2019
#29637: Tor exploit
---------------------+--------------------------
Reporter: pidgin | Owner: (none)
Type: project | Status: new
Priority: Medium | Component: Core Tor
Version: | Severity: Critical
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
---------------------+--------------------------
Dear tor team,
We have setup a discussion board, on the tor network.
And there is someone that is exploiting within our servers, by taking it
down it every time and the forums will respond with "Server not found".
We are pretty sure this problem is on the side of the TOR browser, is
there anything we could do to sort this?
With many thanks for taking time into reading this.
The other ticket was closed, cause i could not reply to question why it's
on tor side.
My answer to that :
the service behind onion HiddenService is fine, it is serving requests.
before the DDOS there have not been "Server Not Found".
Actually it was the hackers third iteration.
First step from hacker was brute force DDOS which made tor cpu load 100%.
countermeasure: vanguards and using ExcludeNodes (torrc)
Second iteration from hacker was to use random nodes, about 1000+, to do
tor cpu load 100%. countermeasure: vanguards / onionbalance.
now tor browser gives "server not found", countermeasure not found yet
Also some server sided information :
onionbalance is active
vanguard is active
vanguard tor process is at 5%
serving tor process is at 5%
attacker has found a way to DDOS not based on tor cpu usage attack or tor
traffic exhaust attack.
I also appoligize for the duplicate ticket, but the others are closed so
this one should be fine for now.
With many thanks.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29637>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list