[tor-relays] Performance issues/DoS from outgoing Exit connections
Alexander Dietrich
alexander at dietrich.cx
Fri Oct 21 20:09:56 UTC 2022
Hello,
on the evening of 2022-10-18, we (Artikel10) started getting alerts about our Tor servers, while our traffic declined sharply. When we investigated, we found that there were hundreds of thousands of TCP connections (per server) open to a single address, orders of magnitude more than any other address. We blocked this address via "ExitPolicy reject", then another one, and since then things seem to have improved.
I have thrown together a small Python script to detect this and generate "ExitPolicy reject" lines automatically:
https://github.com/artikel10/surgeprotector
This is still experimental, so if you decide to give the script a try, please keep an eye on it.
Kind regards,
Alexander
--
PGP Key: https://dietrich.cx/pgp | 0x52FA4EE1722D54EB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20221021/1cf1de8f/attachment.htm>
More information about the tor-relays
mailing list