[tor-dev] Tor and slow DOS attacks

coderman coderman at gmail.com
Wed Aug 24 21:20:11 UTC 2011


On Wed, Aug 24, 2011 at 12:21 PM, Georg Koppen <g.koppen at jondos.de> wrote:
> ...
> [blah blah] about the rise of slow DOS attacks and that Tor could play
> an important role in it
> ... I am wondering whether there is already some
> effort under way to detect and ban such kind of traffic. Or should there
> be such effort at all?


there should not be an effort.  or better said, slow DoS protections
begin in design stage, continue through development and are supported
by operations.

in nearly every instance of a successful slow DoS there is a negligent
or incompetent sysadmin or developer (or both!) at fault.

the fact that millions of poorly configured webservers are unable to
service requests to their poorly designed and implemented webapps
should have no bearing on Tor efforts or exit traffic.


More information about the tor-dev mailing list