More specifically, I’m running a middle relay on Debian 12 ----
On Tue, 09 Jul 2024 13:46:51 +0200
li...@for-privacy.net<li...@for-privacy.net> wrote ---- On Montag, 8. Juli 2024
19:34:51 CEST Rafo (r4fo.com) via tor-relays wrote: > But this week I’ve
received 2 DDoS alerts from my provider > (Netcup), both are ~3 gigabits. They
seem to be coming from other Tor > relays.I’m running an Invidious like
instance on my server (which uses > around 600 megabits) but I have a 2.5
gigabit port. So I configured my Tor > relay to use 300-400 megabits.I’m not
sure where that 3 gigabit of data > comes from.I have lowered my advertised
bandwidth to 100 megabits, would > that be enough to prevent these kind of
issues?Kind regards,Rafo Reducing the advertised bandwidth does not help. ;-)
In general, one tor instance will rarely reach 100 megabits. There is little
you can do on the server against targeted DDoS. But you can stop IPs with a
lot of connections to your tor daemon using dynamic exit police¹ or dyn.
IP/nftable rules². For targeted help, you should specify the type of relay you
have and your OS.
https://gitlab.torproject.org/tpo/community/support/-/issues/40093
¹https://github.com/artikel10/surgeprotector
²https://forum.torproject.org/t/is-tor-network-resistant-to-tcp-syn-flood-dos-attacks-from-outside-of-tor/12690/4
-- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you
freedom!_______________________________________________ tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
