[tor-relays] outgooing UDP flooding on middle relay

Markus Koch niftybunny at googlemail.com
Mon Aug 1 13:08:42 UTC 2016 

Looks like DOS/DDOS.Is it even possible to DDOS over tor?


2016-08-01 15:04 GMT+02:00 pa011 <pa011 at web.de>:
> yes about the same - sorry for the page brake dont get it solved in my
> thunderbird
>
>  h  rx (KiB)   tx (KiB)      h  rx (KiB)   tx (KiB)      h  rx (KiB)
> tx (KiB)
> 23  6.559.929  6.748.215    07  4.697.285  4.845.893    15 35.106.193
> 35.833.114
> 00  5.129.384  5.289.456    08 12.317.567 12.605.726    16          0
>       0
> 01  3.709.181  3.843.988    09 14.913.172 15.278.079    17          0
>       0
> 02  4.405.017  4.574.745    10 22.218.874 22.738.508    18    102.138
> 144.732
> 03  4.670.091  4.817.785    11 25.700.571 26.306.505    19    275.999
> 340.633
> 04  4.711.807  4.853.921    12 32.840.796 33.571.996    20    271.278
> 382.087
> 05  4.269.354  4.408.417    13 32.910.527 33.637.092    21    263.147
> 383.444
> 06  5.279.142  5.443.890    14 40.052.678 40.824.138    22    176.040
> 258.865
>
>
> Am 01.08.2016 um 14:51 schrieb Markus Koch:
>> In and outgoing traffic is the same size?
>>
>>
>>
>> 2016-08-01 14:44 GMT+02:00 pa011 <pa011 at web.de>:
>>> The ISP didn’t mention - I would have to ask.
>>>
>>> What I saw was that the traffic was up about linear from usually 30Mbits
>>> to above 100 Mbits over about 6 hours, bringing the CPU to 100% and
>>> dropping.
>>>
>>>
>>> Am 01.08.2016 um 14:36 schrieb Markus Koch:
>>>> How many packets per second?
>>>>
>>>> Markus
>>>>
>>>>
>>>>
>>>> 2016-08-01 14:28 GMT+02:00 pa011 <pa011 at web.de>:
>>>>> Hello,
>>>>>
>>>>> one of my middle relays got auto limited by the ISP because of
>>>>> "outgooing UDP flooding ".
>>>>>
>>>>> The VPS is pure debian8, fail2ban, pub key and nothing else installed -
>>>>> so I highly doubt the give reason for the traffic limitation.
>>>>> Also I cant find anything in the log files.
>>>>>
>>>>> Anybody having experience with such an issue?
>>>>> What to check for please?
>>>>>
>>>>> Paul
>>>>>
>>>>> _______________________________________________
>>>>> tor-relays mailing list
>>>>> tor-relays at lists.torproject.org
>>>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>>>>
>>>> _______________________________________________
>>>> tor-relays mailing list
>>>> tor-relays at lists.torproject.org
>>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>>>
>>> _______________________________________________
>>> tor-relays mailing list
>>> tor-relays at lists.torproject.org
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

More information about the tor-relays mailing list