[tor-relays] DoS attacks on multiple relays
Felix
zwiebel at quantentunnel.de
Mon Dec 4 20:19:01 UTC 2017
Hi null
Am 04-Dec-17 um 20:40 schrieb null:
> $ ss -s
> Total: 15855 (kernel 0)
> TCP: 24520 (estab 23969, closed 305, orphaned 31, synrecv 0, timewait
> 261/0), ports 0
imho the attempts have tcp state. I experienced similar from a minor
number of non relays. It seems like you gather too many statefull connects.
The ips might not be evil.
Heavy action can be you purge them or tcpdrop(8) before they hurt. Or
connection limit by ip per firewall.
--
Good luck and cheers, Felix
More information about the tor-relays
mailing list