[tor-relays] DoS stats from exits running

teor teor2345 at gmail.com
Fri Feb 16 22:16:09 UTC 2018

On 17 Feb 2018, at 07:21, Matt Traudt <pastly at torproject.org> wrote:

>> On 2/16/18 12:23, nusenu wrote:
>> I was wondering if these unfriendly tor clients are using tor's default
>> path selection or something else.

We think they are using Tor's bandwidth weights, but without entry guards.
They may be using one of the buggy versions that assigns exits a non-zero

>> If they do tor exit relays would have much smaller values in their DoS stats, right?

My exit has smaller DoS stats and connections than my guards.
And my higher-weighted guards have more connections than my
lower-weighted guards.

These DoS stats are from one of my guards:

>> Would any tor exit operator (listed bellow) running be willing to share (obfuscated/not exact
>> counters) of their DoS log entries? (only if you do not have any additional firewall rules filtering packets)
> I run an 0332-alpha relay with no extra firewall rules.
> 4B084AD6A0BA70761A333829F52042BB6EA009AF
> In case the following gets wrapped and ruined: https://paste.debian.net/1010648/
> Feb 16 01:50:55.000 [notice] Since startup, we have initiated x v1 connections, x v2 connections, x v3 connections, and 5xxxx v4 connections; and received 5x v1 connections, 1xx v2 connections, 9xx v3 connections, and 4xxxxx v4 connections.
> Feb 16 01:50:55.000 [notice] DoS mitigation since startup: x circuits rejected, x marked addresses. x connections closed. 2xx single hop clients refused.

On my guards, each of these figures is much higher.

But the "single hop clients refused" figure is proportional to the bandwidth
(my figure is 8x, and my bandwidth is 5x). So those clients may be using
raw bandwidth weights rather than middle weights.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20180217/eae4eb61/attachment.html>

More information about the tor-relays mailing list