[tor-onions] Protect against ddos in tor
Alec Muffett
alec.muffett at gmail.com
Tue Feb 9 09:43:17 UTC 2016
> On 28 Jan 2016, at 20:08, Tim Wilson-Brown - teor <teor2345 at gmail.com> wrote:
>
> Alec, I'd be interested in how Facebook has handled attacks like this against its one-hop onion service (RSOS), which has public IP addresses.
We’ve had no IP-level attacks that I am aware of.
We are already generally geared up to deal such attacks on our infrastructure, and because our Onions live in enclaves / are unreachable from “the internet”, living within the infrastructure, such attacks don’t impact the Onion site.
Our onions connect out to the internet / to the Tor network through (a cloud of) proxies. This is why RSOS is currently such a good fit for us, because (non-R) Single Onions would require inbound connectivity and thus presumably some mitigation would need to be applied.
-a
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-onions/attachments/20160209/7d7731c0/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-onions/attachments/20160209/7d7731c0/attachment.sig>
More information about the tor-onions
mailing list