[tor-talk] Hidden Services using same onion address?
Anon Mus
my.green.lantern at googlemail.com
Thu May 5 11:43:37 UTC 2011
Moritz Bartl wrote:
> Hi,
>
> On 05.05.2011 13:08, Anon Mus wrote:
>
>> What happens if 2 Tor systems supported different Hidden Services using
>> the same abc.onion address?
>>
>
> This is the hidden redundancy feature built in to Tor. The last of the
> systems to publish its key is the one that receives the traffic, so
> there is no load balancing, but if one of the systems goes down, the other
> will "automatically take over" after a period of max ~30 mins IIRC.
>
>
>> (Could this be used to launch a pseudo DOS/hijack attack on existing
>> hidden services, after they've been down, say, for a minute or 2?)
>>
>
> Hijacking is very unlikely as you would have to generate the same public
> key. As the owner of a hidden service you can copy the keyfiles to as
> many machines as you wish to achieve some level of redundancy.
>
>
Hi Moritz,
Thanks for the quick reply, this is all I needed to know.
I think that 30 mins might be a bit too long for anyone running a
back-up redundant hidden service though. It's a shame you can't specify
the time-out for the hidden service or even to have some sort of random
(balanced??) system. That way hidden services would not be so vulnerable
to line/connection outage/blockage trace attacks - halt/block
connections and see if the hidden service is lost.
Jo