[tor-relays] DirPort DOS activity against Fallback Directories

starlight.2017q4 at binnacle.cx starlight.2017q4 at binnacle.cx
Mon May 21 18:09:58 UTC 2018

Recently I noticed excessive DirPort requests to my relay, where DirPort bandwidth reached 15% of ORPort bandwidth.  Normal DirPort load is around 2%.


Just looked over a sample of FallBackDir relays in Relay Search and
it appears this excess-load abuse is directed at them in particular.
Some fall-back directories show more than a month of excess request
traffic, presumably on the DirPort.  Logs here indicate six weeks
of abuse escalating in increments.  Possibly this foreshadows a major
increase in an effort to impair FallBackDir relay functionality.

Either an iptables connection-rate limit or disabling DirPort
resolves the problem.

More information about the tor-relays mailing list