[tor-relays] DirPort DOS activity against Fallback Directories
starlight.2017q4 at binnacle.cx
starlight.2017q4 at binnacle.cx
Mon May 21 18:09:58 UTC 2018
Recently I noticed excessive DirPort requests to my relay, where DirPort bandwidth reached 15% of ORPort bandwidth. Normal DirPort load is around 2%.
https://lists.torproject.org/pipermail/tor-relays/2018-May/015253.html
Just looked over a sample of FallBackDir relays in Relay Search and
it appears this excess-load abuse is directed at them in particular.
Some fall-back directories show more than a month of excess request
traffic, presumably on the DirPort. Logs here indicate six weeks
of abuse escalating in increments. Possibly this foreshadows a major
increase in an effort to impair FallBackDir relay functionality.
Either an iptables connection-rate limit or disabling DirPort
resolves the problem.
More information about the tor-relays
mailing list