[tor-dev] Constraining Ephemeral Service Creation in Tor

teor teor2345 at gmail.com
Thu Sep 29 06:38:58 UTC 2016

> On 28 Sep 2016, at 07:59, bancfc at openmailbox.org wrote:
> Hello, We are working on supporting ephemeral onion services in Whonix and one of the concerns brought up is how an attacker can potentially exhaust resources like RAM. CPU, entropy... on the Gateway (or system in the case of TAILS) by requesting an arbitrary number of services and ports to be created.
> In our opinion, options in core Tor for setting a maximum number of services and ports per service seems the right way to go about it. Also rate limiting the requests (like you do with NEWNYM) would be a sensible thing to do.
> What are your opinions about this?

I think this would be much better implemented in a control port filter.
There are several existing control port filters.
Do they have this feature?

Alternately, you should limit resources to the tor process using OS
facilities. If you set an open file limit, this will constrain the
number of hidden services.
If it doesn't, or tor behaves badly when adding a hidden service with
few file descriptors, file a bug against tor.


Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
xmpp: teor at torproject dot org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160928/e041a0aa/attachment.sig>

More information about the tor-dev mailing list