[tor-relays] botnet? abusing/attacking guard nodes by openssl?

Felix zwiebel at quantentunnel.de
Wed Dec 20 19:48:43 UTC 2017


Hi everybody

> * if all 65535 connections on an IP were open to the Tor network, and
> * the biggest Tor Guard has 0.91% Guard probability[0], then
> * it would expect to see 597 connections.

Sorry if this is a silly question, but do we know if these are Tor
clients connecting to our guards? We see many connects but not many circuits.

Could someone get state by:
openssl s_client -connect tor-guard-ip:tor-guard-orport -tls1
and establish awfully many TLS connects without any circuit?

In this case there are like 64k outbound ports available and the
necessary memory/cpu for openssl is much lower than for a regular Tor
client.

-- 
Cheers, Felix
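
Added example, not part of the message above and not Tor project code: a relay operator's check that counts established ORPort connections per remote IP in `ss -tn` style output and flags any IP above the 597-connection figure quoted in the thread. The ORPort 9001, the function names and the sample lines (documentation addresses) are assumptions constructed for illustration; a per-IP count alone does not show whether the peers are Tor clients or bare TLS sessions.

```python
import math
from collections import Counter

PORTS_PER_IP = 65535        # figure from the quoted message
GUARD_PROBABILITY = 0.0091  # 0.91%, figure from the quoted message
OR_PORT = 9001              # assumption: this relay's ORPort


def expected_ceiling(ports=PORTS_PER_IP, prob=GUARD_PROBABILITY):
    """Connections one IP would hold to this guard if all its ports went to Tor."""
    return math.ceil(ports * prob)


def per_ip_counts(ss_output, or_port=OR_PORT):
    """Count ESTAB connections to the ORPort, grouped by remote IP."""
    counts = Counter()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "ESTAB":
            continue  # header, SYN-RECV, TIME-WAIT, ...
        local, peer = fields[3], fields[4]
        if local.rsplit(":", 1)[-1] != str(or_port):
            continue  # connection to some other local service
        counts[peer.rsplit(":", 1)[0]] += 1  # rsplit also copes with [v6]:port
    return counts


def over_ceiling(counts, ceiling):
    """Remote IPs holding more connections than the expected ceiling."""
    return {ip: n for ip, n in counts.items() if n > ceiling}


def build_sample():
    """Constructed sample input, not captured from a real relay."""
    rows = ["State Recv-Q Send-Q Local Address:Port Peer Address:Port"]
    rows += [f"ESTAB 0 0 192.0.2.10:9001 198.51.100.7:{40000 + i}" for i in range(600)]
    rows += [f"ESTAB 0 0 192.0.2.10:9001 203.0.113.5:{50000 + i}" for i in range(3)]
    rows.append("ESTAB 0 0 192.0.2.10:22 203.0.113.5:51000")        # not the ORPort
    rows.append("SYN-RECV 0 0 192.0.2.10:9001 198.51.100.7:41000")  # not established
    return "\n".join(rows)


if __name__ == "__main__":
    ceiling = expected_ceiling()
    for ip, n in sorted(over_ceiling(per_ip_counts(build_sample()), ceiling).items()):
        print(f"{ip}: {n} established ORPort connections (ceiling {ceiling})")
```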

