I haven't read it yet, but there's a short paper at FOCI this year analyzing a case study of a DDoS attack on relays operated by the authors.
"A case study on DDoS attacks against Tor relays" Tobias Höller, René Mairhofer https://www.petsymposium.org/foci/2024/foci-2024-0014.php On Mon, Jul 08, 2024 at 07:34:51PM +0200, Rafo (r4fo.com) via tor-relays wrote: > I have been running a relay for a few months now without any problems. But > this > week I’ve received 2 DDoS alerts from my provider (Netcup), both are ~3 > gigabits. They seem to be coming from other Tor relays. > I’m running an Invidious like instance on my server (which uses around 600 > megabits) but I have a 2.5 gigabit port. So I configured my Tor relay to use > 300-400 megabits. > I’m not sure where that 3 gigabit of data comes from. > I have lowered my advertised bandwidth to 100 megabits, would that be enough > to > prevent these kind of issues? _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
