For several weeks now, users have been complaining (see 
https://www.reddit.com/r/TOR/comments/1cnmsdz/tor_extremely_slow_lately/, 
https://forum.torproject.org/t/is-there-currently-a-major-ddos-affecting-the-networks-availability/12492,
 etc) about degraded performance (slow speeds, timeouts) when using Tor, both 
to access v3 onion sites and clearnet websites. In my personal experience, most 
v3 onion services are responding so slowly that they're completely unusable.

it turns out that's it not just people's imaginations, looking at charts on 
metrics.torproject.org, it can be seen that the time to complete a 5MiB request 
over Tor has increased substantially (https://ibb.co/tp1CHdh). All of this is 
very reminiscent of the large scale DDoS that affected Tor relay nodes in 
2022-2023.

Tor relay operators have reported "attacks" on their relays, but there haven't 
been many details about what kind of attacks are taking place, other than some 
people saying that they have been TCP SYN flooded. But (to me, anyway) SYN 
flooding doesn't really make a lot of sense as there are so many Tor relay 
nodes that would need to be attacked, (and misconfigured to allow a SYN flood 
attack to work), and even if it were a SYN flood, that would cause different 
behavior than what users have been seeing (preventing connections to the Tor 
network rather than slowing them down).

I understand that DDoS attacks on the Tor network might be kind of a touchy 
subject, but it would be good if we could get some information from the project 
leadership as to what's going on, what is being done about it, and what Tor 
relay operators can do to help prevent attacks like these from happening.

Thanks

Sent with [Proton Mail](https://proton.me/) secure email.
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Reply via email to