[tor-relays] DoS attacks are real (probably)
x9p
tor at x9p.org
Mon Dec 11 16:41:51 UTC 2017
On Mon, December 11, 2017 1:40 pm, Alex Xu wrote:
> tl;dr: run this:
>
> conntrack -L -p tcp --dport 9001 | awk '{print $5}' | sort | uniq -c |
> sort -n
Thanks for the detailed analysis.
> ignore numbers less than 10. the remaining output should consist of the
> following:
...
> are not NATed IPs, a high limit is not justified. I recommend against
> the blanket approach suggested previously of limiting whole sets of
> /24s, since that may inadvertently block mobile clients and is not
> effective against the current attack. As mentioned in the previous
I agree the approach of /24 connlimit is not a good approach for Exit
nodes. But for relays only, it worked fine for me and others.
cheers.
--
x9p | PGP : 0x03B50AF5EA4C8D80 / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE
1524 E7EE
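
An added example, not part of the original message or of any Tor tooling: the per-address count from the quoted one-liner beside a per-/24 count, run over constructed conntrack lines. It shows a /24 of single-connection clients crossing the same threshold of 10 that no individual address in it reaches. The names `line`, `sample` and `count_over`, the addresses, and the IPv4-only parsing are assumptions of this example.

```shell
# Constructed sample in the format printed by `conntrack -L -p tcp --dport 9001`.
# Addresses are documentation ranges, not observed data.
line() {  # $1 = client address, $2 = client source port
  echo "tcp      6 431990 ESTABLISHED src=$1 dst=192.0.2.1 sport=$2 dport=9001 src=192.0.2.1 dst=$1 sport=9001 dport=$2 [ASSURED] mark=0 use=1"
}
sample() {
  i=1
  while [ "$i" -le 12 ]; do
    line 198.51.100.7 $((40000 + i))   # one address holding 12 connections
    line "203.0.113.$i" 50000          # 12 addresses in one /24, 1 connection each
    i=$((i + 1))
  done
  line 198.51.100.9 41000              # an address well below the threshold
  line 198.51.100.9 41001
}

# count_over MODE LIMIT: read conntrack lines on stdin, group the original
# direction's src= (field 5, the field the one-liner prints) by address
# (MODE=ip) or by /24 (MODE=net24), and print "count key" for every group
# with at least LIMIT connections. IPv6 entries are skipped (simplification).
count_over() {
  awk -v mode="$1" -v limit="$2" '
    $5 ~ /^src=[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
      key = substr($5, 5)                         # strip the "src=" prefix
      if (mode == "net24") sub(/\.[0-9]+$/, ".0/24", key)
      n[key]++
    }
    END { for (k in n) if (n[k] >= limit) print n[k], k }
  ' | sort -n
}

echo "per address, 10 or more connections:"
sample | count_over ip 10
echo "per /24, 10 or more connections:"
sample | count_over net24 10
```

On a relay, the same function can be fed live data with `conntrack -L -p tcp --dport 9001 | count_over ip 10`.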