[tor-bugs] #29919 [Core Tor/Tor]: Tor DOS attack help, can a dev take this seriously please?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Mar 27 12:31:46 UTC 2019
#29919: Tor DOS attack help, can a dev take this seriously please?
--------------------------+------------------------
Reporter: HelpDOS | Owner: (none)
Type: defect | Status: new
Priority: Very High | Milestone:
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------
Changes (by HelpDOS):
* keywords: tor-dos tor-hs =>
* sponsor: Sponsor27-can =>
Comment:
I don't know enough about how Tor works to diagnose any further than I
already have, with the lack of relevant errors/warnings in any of the logs
could it be that he is attacking the introduction points? I read some
possible issues for DoS attacks listed in the OnionBalance docs and their
explanation of a "Complex Mode", which seems like it could resolve this,
however no other references to how to enable that, I am assuming it hasn't
yet been implemented.
https://onionbalance.readthedocs.io/en/latest/design.html#complex-mode
If it is currently available, that could be worth us trying but I don't
know how to enable it.
This stuck out to me "An onion service instance may rapidly rotate its
introduction point circuits when subjected to a Denial of Service attack.
An introduction point circuit is closed by the onion service when it has
received max_introductions for that circuit. During DoS this circuit
rotating may occur faster than the management server polls the HSDir
system for new descriptors. As a result clients may retrieve master
descriptors which contain no currently valid introduction points." under
the Basic mode limitations listed here:
https://onionbalance.readthedocs.io/en/latest/design.html#limitations
Could that relate to the "Server not found" error shown within Tor
Browser? When researching that, it is often related to DNS issues in
Firefox.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29919#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list