-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Onions,
Reading the blog post with the DDoS possible attack to terminate relays by making RAM memory scarce, I would like to ask the following: In Tor versions > 2.4 a defense against these types of attacks was deployed (MaxMemInCellQueues). MaxMemInCellQueues shall kill circuits when RAM memory gets low based on cell lifetime (?oldest circuit(s)?). The post says: "There is likely not one single value that makes sense here: if it is too high, then relays with lower memory will not be protected; if it is too low, then there may be more false positives resulting in honest circuits being killed." - -- in this case, with the default install of Tor (from torproject.org or repositories), without any editing of torrc file from user's side, what is the MaxMemInCellQueues value set to? Or is it not set at all? With an improper configuration for this value made by the users running relays, won't this cause a penalty over the performance of Tor network overall? It could be confusing. How many of current admins are using MaxMemInCellQueues and more important is it used correctly or are honest circuits being killed? (I could add that since few weeks ago circuits to OFTC irc server for example do not last more than 24 Hrs). How can the MaxMemInCellQueues setting help regular non-advanced users who are relays using Vidalia relay packages for Windows? How can this category of users protect against this type of attack? - -- PGP Public key: http://www.sky-ip.org/s...@sky-ip.org.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) iQEcBAEBAgAGBQJTHPnRAAoJEIN/pSyBJlsRd1MH/3bAEjfrvXuIs6xBXOlCS2HB cmlH7Cl8YKyQQxD6bNMOBvDUUGERaUrLkObbakGj09l2HuQntrQB06Y9LxANj93E uA2BlwtOHNdQSBghUbFFFwKRlRO9pi3Fxekk5ll++6ADc7W8qNxYHLpiLx//eVct gCIB2QlDiaDL7BmfHcSEsyKxFZmvl8TJpODrq9kFrkf7Caak7M5KiM0r5jpPpkNK Sa//7AzLGGqif1RMpjb3bTOjkejPmMCI9Sf+Lz24rYrAO133lkGdPUngrT0Q1WBl 8oqYDhbegBSsDKJJuvm33lslO7/VU05mpT5IUHCunsglKyCQI3VGs+5UKYhjx6k= =Jfmy -----END PGP SIGNATURE----- -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
