[tor-relays] A bit more evidence on circuit creation storms

Gordon Morehouse gordon at morehouse.me
Sat Aug 31 18:14:04 UTC 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

krishna e bera:
> On 13-08-29 10:35 PM, Gordon Morehouse wrote:
>> What on earth is causing so many circuit creation requests in
>> such a short timespan?
> 
> One possibility, if i recall correctly, is that the Tor that comes
> with the PirateBrowser bundle is configured to build single hop
> circuits.
> 
> Make sure that these defaults are still set in your relay:

The DDOS - because that's what it obviously is - managed to kill my
Pi-based node last night, so I've finally restarted with all these
except RefuseUnknownExits 1, just because of your caveat.

I had some of the statistics already enabled, so it's continuing to
collect those.

Is there a way to give Tor a hard memory cap, so it won't chew up all
available RAM on the system?

> AllowSingleHopExits 0 AllowSingleHopCircuits 0
> 
> You can also try RefuseUnknownExits 1    but maybe auto is better
> 
> And these may help sketch the circuit storms: EntryStatistics 1 
> ExitPortStatistics 1 ConnDirectionStatistics 1

Best,
Gordon M.

-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJSIjJoAAoJED/jpRoe7/ujuicH/Au5NXr/q5MTYH54mPPuE/OJ
9jOkT/M34O0+U9gqYH8ja2gzTFf3CdxESraS6A7A+r2DWUX9R6l+zia5YX/SYCUu
dWWNB843vXhcjNqhw01h05c70QgKStKrm6sLCjliVxhcovfMnkmMxLxk3EmQ3OzW
nOdHQT2QGV+xCXqYz7FS9OtCnRmjTjI3bb8PJ1xcL76IjPGlCKr5vt7cDO3Y7x80
o0hnPJxMhYs0MhS5sNXfHIifDNT6LlCuZvIT0GLe3w9Gg15BUYKgn5bi1iNEtoSV
J/2DbxvmT23Tv6E2WnpxEoOu/yupbHAiDcYbwIT1ig4mePA/xCgjdm7mEdqrXpE=
=AiLg
-----END PGP SIGNATURE-----


More information about the tor-relays mailing list