-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It looks like you have DoSed some of the faster Tor relays out there, and then Tor stopped working as well for you. Perhaps these were your entry guards, so you were particularly strongly affected? Tor did not stop serving me. He served me with errors. It is big difference. In first case, it should be absolutely OK.
Of course, relay dont know, if he is serving 500 users or 500 connection of one user, but no matters. If it is problem of capacity of relay, it should not accept next connection, if it is full. And you can do a CPU denial of service too, not just a bandwidth denial of service, as you say. I think it isnt answer. This looks like exact and repeatable bug. Ofcourse, im not Tor specialist, so I cannot say 'it is bug in filefoo.c'. While I worked as programmer (now Im only architect, so Im missing contact with sources), I made server systems with massive parallel access and millions of daily visitors (simply, I was developer of centrum.cz). With this experience, I never see problem like this. Every server system should reject next connection, when its full. Of course, there is some possibility, that server power is not used for the edge, but it is much more secure. I dont know exact defence mechanisms in Tor, Im just using Tor API. But I think it is very dangerous, that there is simple possibility to break communication with one simple computer on 256kbit upload link. Try it against any other server application... As I wrote, I think it should be perfect, if node, which is reaching its limit on CPU/opened sockets/whatever should reject all other connection. But I was very surprised, when it served me with pages I never seen. It is security problem I think. I guess we can put some checks for this particular attack in, for example by rate limiting the number of create attempts from a Tor not listed in the directory. But I fear that stopping all DoS avenues is a losing Im listed in directory, because Im running Tor relay. proposition. It's hard enough to build a system that handles many users well even when they are all playing nice. I know very well, what you mean, trust me :-). Marek -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: http://getfiregpg.org iD8DBQFIfuHhr7KgZiv8EokRAmEkAKDq5FXPFBUopWQq6ZcKzy4MnYsBDQCdHPDP tN+mTKWH6KTeMlg0Wy2j55o= =vihL -----END PGP SIGNATURE-----