#25062 closed defect (worksforme)

Block offending portscanners

Reported by: cypherpunks Owned by:
Priority: Medium Milestone:
Component: Core Tor/Tor Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Tor client:
If the user tried to connect port 1, then 3, and 4
and all of them failed(3 times in a row),
deny connection to destination.onion for 3 minutes.

Tor server:
If the port request come from circuit X,
and it is trying port 2, 5, and 8, and all of them failed(3 times in a row)
deny connection from this circuit; just drop connection.

This guy didn't allowing people from delisting his attacklist:
http://zlal32teyptf4tvi.onion/

Portscanning unauthorized servers are illegal. Why scanning tor service is okay?

Child Tickets

Change History (2)

comment:1 Changed 20 months ago by yawning

HiddenServiceAllowUnknownPorts exists already.

Edit: I'm inclined to call this a dup of #13667. Client side changes are totally pointless.

Last edited 20 months ago by yawning (previous) (diff)

comment:2 Changed 20 months ago by teor

Priority: HighMedium
Resolution: worksforme
Severity: CriticalNormal
Status: newclosed

This feature exists.
Also, revert the use of priorities: setting them doesn't actually get our attention.

Note: See TracTickets for help on using tickets.