[tor-talk] How to protect a hidden service from DoS attacks?
Anders Andersson
pipatron at gmail.com
Sat Mar 5 01:33:18 UTC 2011
On Fri, Mar 4, 2011 at 11:09 PM, <hikki at safe-mail.net> wrote:
> Is it even possible? Since everyone is your entry node's IP, if you block it,
> no one will be able to connect to your service.
>
> Some people DoS hidden services to moderate you, making them unreadable.
DoS on the "external" internet seems to be 99% overloading the server
CPU that have badly written and bloated server-side scripts. To
protect from this, don't use badly written and bloated server-side
scripts.
Depending on what you use the service for, you can try to rate-limit
everything to something that is just above usable. I suppose this
wouldn't tax your server CPU with unnecessary encryption.
More information about the tor-talk
mailing list