[tor-relays] syn flood iptables rule

William Kane ttallink at googlemail.com
Fri Apr 2 18:36:50 UTC 2021


> Then they are modified, or ?

You don't know that, and Tor has code to defend against such attacks,
both limiting concurrent requests and the creation of too many circuits,
and putting a threshold on connect() calls, aka TCP SYN packets; the
latter, though, is only available in 0.4.6.1-alpha or later.

https://gitlab.torproject.org/tpo/core/tor/-/issues/40253

I'd advise against such firewall rules; let tor handle it.

- William

On 24/02/2021, Toralf Förster <toralf.foerster at gmx.de> wrote:
> On 2/22/21 7:29 PM, William Kane wrote:
>> A hard limit of 9 might be a little too low - then again, a legit,
>> unmodified tor binary would hold its TCP connection established for
>> as long as needed -
> Hhm, I'm really under the impression that even 5 or 4 should be enough.
> If a client connects more often than every 15 seconds to its guard, or a
> relay opens a connection more often than 4x per minute to another
> relay - then they are modified, or?
>
> --
> Toralf
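An added example (not from either poster) to weigh the thresholds debated above before deploying a per-source rule: it takes a constructed list of new-connection events with RFC 5737 addresses, finds each source's peak number of connections inside any 60-second window using a plain sliding window (an approximation of a "N per minute" firewall rule, not netfilter's own algorithm), and lists who would be cut off at a limit of 4, as Toralf suggests, versus 9, as William mentions.

```python
"""Estimate which sources a per-source 'new connections per minute'
firewall rule would block, to judge whether a threshold such as 4 or 9
would also hit legitimate clients or relays."""
from collections import defaultdict

# Constructed sample of (timestamp in seconds, source address) events,
# each one a new TCP connection to the ORPort. Not real traffic.
EVENTS = (
    # A client reconnecting to its guard exactly every 15 seconds.
    [(t, "192.0.2.10") for t in (0, 15, 30, 45, 60, 75)]
    # A legitimate but bursty peer: six connections in six seconds
    # (e.g. right after a restart), then quiet.
    + [(t, "192.0.2.20") for t in range(100, 106)]
    # A flood: thirty connections in three seconds.
    + [(200 + i * 0.1, "203.0.113.5") for i in range(30)]
)


def max_rate_per_source(events, window=60.0):
    """Return {src: peak number of connections within any `window` seconds}."""
    per_src = defaultdict(list)
    for ts, src in events:
        per_src[src].append(ts)
    peaks = {}
    for src, times in per_src.items():
        times.sort()
        start, best = 0, 0
        for end, t in enumerate(times):
            # Slide the window start forward until it covers (t - window, t].
            while t - times[start] >= window:
                start += 1
            best = max(best, end - start + 1)
        peaks[src] = best
    return peaks


def sources_over_limit(events, limit, window=60.0):
    """Sources whose peak rate exceeds `limit` connections per `window`."""
    peaks = max_rate_per_source(events, window)
    return sorted(src for src, n in peaks.items() if n > limit)


if __name__ == "__main__":
    for limit in (3, 4, 9):
        print(f"limit {limit}/min would block:", sources_over_limit(EVENTS, limit))
```

At a limit of 4 the bursty-but-legitimate peer is blocked alongside the flood, while at 9 only the flood is; the every-15-seconds client sits at exactly 4 and is blocked only if the limit drops to 3.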
