[tor-talk] Off-Path TCP Exploits: Global Rate Limit Considered Dangerous,

Cristian Consonni kikkocristian at gmail.com
Sat Aug 13 22:40:35 UTC 2016


2016-08-10 14:20 GMT+02:00 fatal <fatal at mailbox.org>:
> "[...] Such a weakness could be used to launch targeted attacks that
> track users’ online activity, forcibly terminate a communication, hijack
> a conversation between hosts or degrade the privacy guarantee by
> anonymity networks such as Tor.[...]"

Temporary workaround (source: https://ucrtoday.ucr.edu/39030):
1. Open /etc/sysctl.conf, append a command
“net.ipv4.tcp_challenge_ack_limit = 999999999”.
2. Use “sysctl -p” to update the configuration.

C


More information about the tor-talk mailing list