[tor-bugs] #469 [Tor Relay]: please limit connections by client

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Nov 11 18:16:42 UTC 2010


#469: please limit connections by client
--------------------------------+-------------------------------------------
 Reporter:  weasel              |         Type:  defect   
   Status:  needs_review        |     Priority:  minor    
Milestone:  Tor: 0.2.3.x-final  |    Component:  Tor Relay
  Version:  0.2.0.2-alpha       |   Resolution:  None     
 Keywords:                      |       Parent:           
--------------------------------+-------------------------------------------
Changes (by nickm):

  * status:  new => needs_review
  * milestone:  post 0.2.1.x => Tor: 0.2.3.x-final


Old description:

> I just had 213.26.168.50 perform a denial of service against Tor26. It
> opened over 5000 connections to tor26, which not only ate a bit of CPU,
> but also used up all available file descriptors, causing tor26 to drop
> new connections:
>
> Jul 23 13:26:11.701 [notice] accept failed: Too many open files. Dropping incoming connection.
>
> Please implement some limit of connections per client.  There are a few
> other minor abusers too, which probably means this also could use some
> thinking at the client:
>
> sudo netstat -na | grep 86.59.21.38 > 38
> cat 38 | grep ESTABLISHED | awk '{print $5}' | sed -e 's/:.*//' | sort | uniq -c | sort -n | tail
> [..]
>      11 61.60.x.y              [slightly anonymized]
>      13 212.249.x.y
>      16 59.120.x.y
>      19 81.120.x.y
>      25 65.122.x.y
>      31 202.185.x.y
>      32 125.16.x.y
>    5649 213.26.x.y
>
> cheers,
>

> [Automatically added by flyspray2trac: Operating System: All]

New description:

 I just had 213.26.168.50 perform a denial of service against Tor26. It
 opened over 5000 connections to tor26, which not only ate a bit of CPU,
 but also used up all available file descriptors, causing tor26 to drop
 new connections:

 Jul 23 13:26:11.701 [notice] accept failed: Too many open files. Dropping incoming connection.

 Please implement some limit of connections per client.  There are a few
 other minor abusers too, which probably means this also could use some
 thinking at the client:

 sudo netstat -na | grep 86.59.21.38 > 38
 cat 38 | grep ESTABLISHED | awk '{print $5}' | sed -e 's/:.*//' | sort | uniq -c | sort -n | tail
 [..]
      11 61.60.x.y              [slightly anonymized]
      13 212.249.x.y
      16 59.120.x.y
      19 81.120.x.y
      25 65.122.x.y
      31 202.185.x.y
      32 125.16.x.y
    5649 213.26.x.y

 cheers,


 [Automatically added by flyspray2trac: Operating System: All]

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/469#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
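
Added example (not part of the original ticket and not Tor's own code): the per-peer connection count from the report's netstat pipeline, extended to keep IPv6 addresses intact and to list only peers at or above a limit. The function names, the limit values and the sample netstat output (documentation address ranges) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Count ESTABLISHED TCP connections per remote address from `netstat -na`
# output on stdin and print "count address" for peers at or above a limit.
# Usage: netstat -na | peers_over_limit LOCAL_ADDR LIMIT
peers_over_limit() {
    awk -v laddr="$1" -v limit="$2" '
        # Linux netstat columns: proto recv-q send-q local foreign state
        $1 ~ /^tcp/ && $6 == "ESTABLISHED" {
            l = $4; r = $5
            # Strip only the trailing :port so IPv6 addresses stay whole
            # (a sed "s/:.*//" cuts them at the first colon).
            sub(/:[0-9]+$/, "", l)
            sub(/:[0-9]+$/, "", r)
            # Exact match on the local address, not a substring grep.
            if (l == laddr) count[r]++
        }
        END {
            for (peer in count)
                if (count[peer] >= limit)
                    printf "%d %s\n", count[peer], peer
        }
    ' | sort -n
}

# Constructed sample input; addresses come from RFC 5737 / RFC 3849 ranges.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:443          198.51.100.7:40001      ESTABLISHED
tcp        0      0 192.0.2.10:443          198.51.100.7:40002      ESTABLISHED
tcp        0      0 192.0.2.10:443          198.51.100.7:40003      ESTABLISHED
tcp        0      0 192.0.2.10:443          203.0.113.9:51000       ESTABLISHED
tcp        0      0 192.0.2.10:443          198.51.100.7:40004      TIME_WAIT
tcp        0      0 192.0.2.99:443          198.51.100.7:40005      ESTABLISHED
tcp6       0      0 2001:db8::1:443         2001:db8::bad:50000     ESTABLISHED
tcp6       0      0 2001:db8::1:443         2001:db8::bad:50001     ESTABLISHED
EOF
}

# Peers holding 3 or more established connections to 192.0.2.10.
sample_netstat | peers_over_limit 192.0.2.10 3
```

On a live relay the input would be `netstat -na` piped into `peers_over_limit` with the relay's own address and a limit chosen well below the process's file descriptor ceiling.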