bob1983 <bob1...@protonmail.com> writes:
> Hi.
>
> I'm the sysadmin of an unnamed computer club, we support online security and
> privacy, so our website is available via a Tor hidden service. Recently, we
> found a surge of CPU and RAM usage as soon as Tor has been started. A closer
> look
> showed it was the result of a DoS script, likely a broken web crawler, or a
> bot
> written by some script kiddies, which has been trapped inside an infinite loop
> and made more than 20 requests per seconds 24 hours a day.
>
> I have defeated the abuser by blacklisting the abused script, which takes a
> lot
> of system resource to generate a webpage but never used by normal visitors.
> The
> system is pretty good now, but I noticed that the Tor process still consumes
> significant higher memory usage than before because of the persistent abuser.
>
> Is there a way to limit resource usage originated from a single Tor circuit?
>
There is no such functionality right now I'm afraid. People have been
wanting some sort of functionality like that for a while:
https://www.hackerfactor.com/blog/index.php?/archives/777-Stopping-Tor-Attacks.html
but we haven't had time to develop/design something.
One cheap solution would be to use some sort of CAPTCHA or use onionbalance :S
Some sort of concept like ticket #16059 might be a good start for this,
but we still don't have a precise design:
https://trac.torproject.org/projects/tor/ticket/16059
We are all quite overwhelmed with v3 onions bugfixing right now, so
these projects are on a lower priority for now, and any help from the
community would be appreciated ;)
Cheers!
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
