[tor-bugs] #2667 [Tor Relay]: Exits should block reentry into the tor network
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Oct 28 14:00:19 UTC 2011
#2667: Exits should block reentry into the tor network
-----------------------+----------------------------------------------------
Reporter: mikeperry | Owner:
Type: defect | Status: new
Priority: major | Milestone: Tor: 0.2.3.x-final
Component: Tor Relay | Version:
Keywords: | Parent: #2664
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Changes (by nickm):
* priority: normal => major
* milestone: Tor: unspecified => Tor: 0.2.3.x-final
Comment:
Given recent upswings in the popularity of DOS attacks, I think we should
plan to do this one for 0.2.3. Specifically:
* Exits should block connections to known Tor ORPorts.
* Bridges (and relays?) should refuse OR connections from exit IPs.
* Both of these behaviors should be configured via torrc and on-by-
default.
The only implementation challenge here will be doing efficient lookup of
nodes by address or address:port. (My intuition is that a linear search
here will be too expensive.) We can do that by adding another hashmap to
node_t.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2667#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list