#19984: Use a better set of comparison/evaluation functions for deciding which connections to kill when OOS
-------------------------------------------------+-------------------------
 Reporter:  nickm                                |          Owner:  nickm
     Type:  defect                               |         Status:  accepted
 Priority:  Low                                  |      Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  dos, sockets, triage-out-030-201612  |  Actual Points:
Parent ID:                                       |         Points:  2
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by nickm):

 So, what's the best strategy here? We'd like to emphasize connections that are getting lots of usage, but only real usage.

 The existing code kills whatever OR connections have the fewest circuits, and leaves everything else alone. But if DirPort is open, or if we're an exit, that can be really bad.

 My first thought was to treat directory server connections and exit as if they had one circuit, and then to rank them by number of circuits along with the OR connections. But maybe that's vulnerable too? An attacker could just start a bunch of clients, open two circuits from each, and get an exit to kill off all its exit connections. Probably not so good.

 Should we look at last-written time, or queue age, or something else? There may be cleverness needed.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19984#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
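
An added example, not part of the ticket and not Tor code: a simplified C model of the ranking the comment considers (directory and exit connections scored as one circuit, ranked with OR connections by circuit count), showing which connections are selected once every OR connection carries two circuits. The types, function names and connection counts are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified model; these types are hypothetical, not Tor's connection_t. */
enum conn_type { CONN_OR, CONN_DIR, CONN_EXIT };
struct conn { enum conn_type type; int n_circuits; };

/* Ranking from the comment: dir and exit conns count as one circuit. */
static int score(const struct conn *c) {
    return c->type == CONN_OR ? c->n_circuits : 1;
}

static int by_score(const void *a, const void *b) {
    return score(a) - score(b);
}

/* Kill the to_kill lowest-scored connections; return how many were exits. */
int exits_killed(const struct conn *conns, size_t n, size_t to_kill) {
    struct conn *sorted = malloc(n * sizeof *sorted);
    int killed = 0;
    if (!sorted) return -1;
    for (size_t i = 0; i < n; i++) sorted[i] = conns[i];
    qsort(sorted, n, sizeof *sorted, by_score);
    for (size_t i = 0; i < to_kill && i < n; i++)
        killed += sorted[i].type == CONN_EXIT;
    free(sorted);
    return killed;
}

/* Constructed population: n_exit exit conns plus n_or OR conns that each
 * carry circs_per_or circuits. */
int scenario(int n_exit, int n_or, int circs_per_or, size_t to_kill) {
    size_t n = (size_t)n_exit + (size_t)n_or;
    struct conn *c = malloc(n * sizeof *c);
    if (!c) return -1;
    for (size_t i = 0; i < n; i++) {
        c[i].type = i < (size_t)n_exit ? CONN_EXIT : CONN_OR;
        c[i].n_circuits = i < (size_t)n_exit ? 0 : circs_per_or;
    }
    int r = exits_killed(c, n, to_kill);
    free(c);
    return r;
}

int main(void) {
    printf("OR conns with 2 circuits: %d of 10 exits killed\n", scenario(10, 100, 2, 10));
    printf("OR conns with 0 circuits: %d of 10 exits killed\n", scenario(10, 100, 0, 10));
    return 0;
}
```

Because the score depends only on a circuit count that the remote side controls, any fixed score for exit connections can be outranked; that is the gap the comment's last-written-time and queue-age questions are aimed at.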