[tor-bugs] #27921 [Core Tor/Tor]: apparent DOS / impairment-of-service against FallbackDirs using DIR requests, please evaluate for possible mitigation
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Nov 7 00:08:10 UTC 2018
#27921: apparent DOS / impairment-of-service against FallbackDirs using DIR
requests, please evaluate for possible mitigation
--------------------------+------------------------------------
Reporter: starlight | Owner: (none)
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version: Tor: 0.3.4.1-alpha
Severity: Normal | Resolution:
Keywords: tor-dos | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------------
Comment (by starlight):
next above will not work because several other configuration elements
implicitly activate caching of full descriptors
does any reason exist why I should not modify the daemon to reject
individual descriptor queries? seems to me relays pull "all"; I know that
my scripts do
either that or I will have the daemon log requesting IPs and feed them to
scripts written to block the botnet when it came in via plaintext DIR port
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27921#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list