[tor-talk] attacks on Tor hidden services
Ted Smith
tedks at riseup.net
Sun Oct 23 18:26:25 UTC 2011
On Sat, 2011-10-22 at 23:50 +0000, Gozu-san wrote:
> I didn't mean that people are intentionally DDoSing the Tor network.
> I
> meant that the attacks on hidden-service sites may have spillover
> effects. Let's say that SlowLoris attacks bog Apache serving some
> hidden-service site. With enough attackers, could the site's entry
> guards become bogged?
If the attack is actually SlowLoris, then no. SlowLoris makes Apache use
lots of resources, but it does so using very little network traffic. The
Tor nodes involved would just transfer the small amount needed for
Apache to keep the connection open and move on.
It seems like SlowLoris is the only attack you could really do on a Tor
hidden service, at least without some other vulnerability to exploit.
Anonymous's typical LOIC approach will fail miserably against a hidden
service, and that's the only thing that would end up screwing with the
network.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20111023/2bddc3f2/attachment.pgp>
More information about the tor-talk
mailing list