#24902: Denial of Service mitigation subsystem
-----------------------------+------------------------------------
 Reporter:  dgoulet          |          Owner:  dgoulet
     Type:  enhancement      |         Status:  needs_review
 Priority:  Medium           |      Milestone:  Tor: 0.3.3.x-final
Component:  Core Tor/Tor     |        Version:
 Severity:  Normal           |     Resolution:
 Keywords:  ddos, tor-relay  |  Actual Points:
Parent ID:                   |         Points:
 Reviewer:                   |        Sponsor:
-----------------------------+------------------------------------
Changes (by dgoulet):

 * status:  assigned => needs_review

Comment:

 I'm submitting today, for initial review, a branch that contains a basic
 skeleton of this subsystem and a DoS circuit creation mitigation feature.

 This is a draft of the design and I hope to get it in a MUCH BETTER format
 to put in `doc/` at some point if we want this:
 https://people.torproject.org/~dgoulet/volatile/ddos-design.txt

 A few things to mention.

 First, there are no unit tests because before doing so I wanted more
 opinions on the design, engineering and overall structure of the code.

 Second, this code has been running on my relay for ~4 days where more than
 330 IPs have been identified as malicious and for which cells are being
 dropped (which is the defense in place).

 Third, there could still be an issue with client traffic going through an
 Exit and back in the network; we need to address this or at least mitigate
 it as much as we can before we deploy.

 Fourth, this feature is disabled by default and I would expect that in
 normal circumstances, it won't be used at all. I see this as a way to help
 out in situations like the one we are in right now.

 Last thing, there is another possible mitigation with regard to the high
 number of concurrent TCP connections doing tor2web. We are seeing that at
 a high rate right now on the network (most likely scanning the "DarkWeb")
 but this branch is *NOT* about that, but a detection/defense could take
 advantage of this code in many ways.

 See branch: `dgoulet/ddos_033_03`

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24902#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online