[tor-relays] DoS attack on Tor exit relay

gerard at bulger.co.uk gerard at bulger.co.uk
Thu Aug 1 11:16:41 UTC 2019


Can we have your fail2ban scripts for the OR port?  The jail and rules?

Gerry

-----Original Message-----
From: tor-relays <tor-relays-bounces at lists.torproject.org> On Behalf Of teor
Sent: 01 August 2019 00:28
To: tor-relays at lists.torproject.org
Subject: Re: [tor-relays] DoS attack on Tor exit relay

Hi,

> On 1 Aug 2019, at 02:27, Larry Brandt <lbrandt at cni.net> wrote:
> 
> Yes, I have fail2ban installed but the attack is focused on my ORPort
> 9001.  Similarly, I have an external firewall but it permits 9001 port
> passage.

If you're trying to prevent too many connections, you can adjust the DoS
torrc options:
DoSConnectionEnabled 1
DoSConnectionMaxConcurrentCount 1
DoSConnectionDefenseType 2

If that works, try adjusting DoSConnectionMaxConcurrentCount a bit
higher: 10 or 25 are good values.

T

--
teor
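
Added example, not part of the original messages: a small Python script that counts established connections per peer address on ORPort 9001 from `ss` output, to see which addresses hold more connections than a candidate DoSConnectionMaxConcurrentCount of 1, 10 or 25. The sample lines are constructed and the four-column layout (as printed by `ss -Htn state established`) is an assumption; the script only counts sockets and does not reproduce Tor's own accounting.

```python
import ipaddress
from collections import Counter

OR_PORT = 9001  # ORPort named in the thread

# Constructed sample (documentation addresses), in the layout assumed here:
# Recv-Q Send-Q Local:Port Peer:Port, e.g. from `ss -Htn state established`.
SAMPLE_SS = """\
0 0 192.0.2.10:9001 198.51.100.7:40112
0 0 192.0.2.10:9001 198.51.100.7:40113
0 0 192.0.2.10:9001 [::ffff:198.51.100.7]:40114
0 0 [2001:db8::10]:9001 [2001:db8::beef]:51000
0 0 192.0.2.10:9001 203.0.113.5:33000
0 0 192.0.2.10:22 203.0.113.5:33001
0 0 192.0.2.10:44000 203.0.113.9:9001
"""

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop brackets and any zone id
    addr = ipaddress.ip_address(host)
    # Fold IPv4-mapped IPv6 into plain IPv4 so one client is counted once.
    mapped = getattr(addr, "ipv4_mapped", None)
    return (mapped or addr), int(port)

def count_peers(ss_text, or_port=OR_PORT):
    """Count established inbound connections to or_port per peer address."""
    counts = Counter()
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        try:
            _, lport = split_endpoint(fields[2])
            peer, _ = split_endpoint(fields[3])
        except ValueError:
            continue  # header, wildcard or otherwise unparsable line
        if lport == or_port:
            counts[str(peer)] += 1
    return counts

def over_limit(counts, limit):
    """Peers holding more connections than a candidate limit, busiest first."""
    return sorted(((a, n) for a, n in counts.items() if n > limit),
                  key=lambda item: (-item[1], item[0]))

if __name__ == "__main__":
    for limit in (1, 10, 25):  # values mentioned in the thread
        print(limit, over_limit(count_peers(SAMPLE_SS), limit))
```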