[tor-relays] Recent wave of abuse on Tor guards
niftybunny
abuse at to-surf-and-protect.net
Fri Dec 22 09:37:55 UTC 2017
Short answer:
https://i.imgur.com/8QLptcz.png <https://i.imgur.com/8QLptcz.png>
Around 15000 - 18000 connections I can see with netstat. Even my 300 mbit exit has less and there a a lot of Leaseweb clients connecting to me ...
The interesting thing is, it comes and goes in waves. From 6000 (normal) to 20000 connections within an hour.
Someone doesn't like me very much :(
Markus
> On 22. Dec 2017, at 08:42, Felix <zwiebel at quantentunnel.de> wrote:
>
> Am 22-Dec-17 um 08:25 schrieb niftybunny:
>> Still under heavy attack even with the MaxMemInQueues and 0.3.2.8-rc. I
>> need 2 xeons to push 30 mbit as a guard/middle …
>
> Do you want to share some information:
>
> Type i)
> (memory exhaustion by too many circuits)
> What is the memory(top) per tor and its MaxMemInQueues ?
> How many circuits per hour in log ?
>
> Type ii)
> (cpu exhaustion by too many 'half open' tor connections)
> Is your number of open files normal (fw in place) and moderate
> connection counts per remote IP ?
>
> Type iii)
> (One fills your server with too many long fat pipes, first ACK and RTT)
> If on Freebsd, is "mbuf clusters in use" (netstat -m) moderate ?
> Do you get "kern.ipc.nmbclusters limit reached" in messages ?
>
> --
> Cheers, Felix
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20171222/49dd414b/attachment-0001.html>
More information about the tor-relays
mailing list