[tor-relays] DoS attack on Tor exit relay
potlatch
potlatch at protonmail.com
Sun Aug 4 23:03:50 UTC 2019
Gerry,
At this point I have no working scripts for Tor/fail2ban. Be happy to share if they ever materialize. Fail2ban is sorely lacking documentation--or at least I can't find detailed docs. I downloaded fail2ban on current debian and ubuntu VPS and got different version numbers--none were the current release. Stay tuned or give a hand.
-potlatch
Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Thursday, August 1, 2019 4:16 AM, <gerard at bulger.co.uk> wrote:
> Can we have your fail2ban scripts for the OR port? The jail and rules?
>
> Gerry
>
> -----Original Message-----
> From: tor-relays tor-relays-bounces at lists.torproject.org On Behalf Of teor
> Sent: 01 August 2019 00:28
> To: tor-relays at lists.torproject.org
> Subject: Re: [tor-relays] DoS attack on Tor exit relay
>
> Hi,
>
> > On 1 Aug 2019, at 02:27, Larry Brandt lbrandt at cni.net wrote:
> > Yes, I have fail2ban installed but the attack is focused on my ORPort
>
> 9001. Similarly, I have an external firewall but it permits 9001 port
> passage.
>
> If you're trying to prevent too many connections, you can adjust the DoS
> torrc options:
> DoSConnectionEnabled 1
> DoSConnectionMaxConcurrentCount 1
> DoSConnectionDefenseType 2
>
> If that works, try adjusting DoSConnectionMaxConcurrentCount a bit
> higher: 10 or 25 are good values.
>
> T
>
> --
> teor
>
>
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
More information about the tor-relays
mailing list