Opened 4 months ago

Closed 4 months ago

#30620 closed defect (duplicate)

HS DDos on circuits? Can't have access to my hidden service

Reported by: HSdir123 Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.4.1.1-alpha
Severity: Normal Keywords: tor-dos, tor-hs, circuit-build
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I do run a HS and i am getting attacked by a ddos. It was on layer7, then tcp, and now i think it's currently going in tor.

Tor debugs is been like 3MB weight in less than one second, with that query spammed:

circuit_build_times_add_time(): Adding circuit build time (random value)

3MB of that.

If i manage to start tor service i get:

May 25 21:21:19.000 [warn] Possible replay detected! An INTRODUCE2 cell with thesame ENCRYPTED section was seen 2 seconds ago. Dropping cell.
May 25 21:21:20.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 126 buildtimes.
May 25 21:21:41.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 1000 buildtimes.
May 25 21:22:06.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 1000 buildtimes.
May 25 21:22:33.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 1000 buildtimes.
May 25 21:23:33.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 1000 buildtimes.
May 25 21:23:46.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 368 buildtimes.
May 25 21:24:30.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 1000 buildtimes.
May 25 21:24:37.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 261 buildtimes.
May 25 21:24:45.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 296 buildtimes.
May 25 21:24:49.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 152 buildtimes.
May 25 21:25:17.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 942 buildtimes.
May 25 21:25:22.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 117 buildtimes.
May 25 21:25:29.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 132 buildtimes.
May 25 21:25:34.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 161 buildtimes.
May 25 21:25:40.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 118 buildtimes.
May 25 21:25:45.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 117 buildtimes.
May 25 21:25:50.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 149 buildtimes.
May 25 21:26:05.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 613 buildtimes.
May 25 21:26:12.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 205 buildtimes.
May 25 21:26:17.000 [notice] Your network connection speed appears to have changed. Resetting timeout to 60s after 18 timeouts and 117 buildtimes.

Things like that all the time.

How to get around that?

Child Tickets

Change History (4)

comment:1 Changed 4 months ago by HSdir123

https://www.sendspace.com/file/wh9n92

This is the full debug file of which i was speaking about earlier

comment:2 Changed 4 months ago by catalyst

Keywords: tor-dos tor-hs circuit-build added; DDos circuits tor nodes removed
Milestone: Tor: unspecified
Priority: ImmediateMedium
Severity: BlockerNormal

comment:3 Changed 4 months ago by nickm

This looks like a duplicate of 29607, but please reopen if I am wrong.

comment:4 Changed 4 months ago by nickm

Resolution: duplicate
Status: newclosed
Note: See TracTickets for help on using tickets.