Delivery-Date: Mon, 01 Dec 2014 07:25:12 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM,
	PLING_QUERY,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 7E3051E0A23;
	Mon,  1 Dec 2014 07:25:11 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 3727E31A04;
	Mon,  1 Dec 2014 12:25:05 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 253BE3162D
 for <tor-talk@lists.torproject.org>; Mon,  1 Dec 2014 12:25:01 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id wUB8c6351D7F for <tor-talk@lists.torproject.org>;
 Mon,  1 Dec 2014 12:25:01 +0000 (UTC)
Received: from smtp3.hushmail.com (smtp3.hushmail.com [65.39.178.200])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "smtp.hushmail.com", Issuer "Self-signed" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 028DE31595
 for <tor-talk@lists.torproject.org>; Mon,  1 Dec 2014 12:25:01 +0000 (UTC)
Received: from smtp3.hushmail.com (localhost [127.0.0.1])
 by smtp3.hushmail.com (Postfix) with SMTP id 0C3A5E0251
 for <tor-talk@lists.torproject.org>; Mon,  1 Dec 2014 12:24:58 +0000 (UTC)
Received: from smtp.hushmail.com (w3.hushmail.com [65.39.178.62])
 by smtp3.hushmail.com (Postfix) with ESMTP
 for <tor-talk@lists.torproject.org>; Mon,  1 Dec 2014 12:24:57 +0000 (UTC)
Received: by smtp.hushmail.com (Postfix, from userid 99)
 id ECCB4C0115; Mon,  1 Dec 2014 12:24:57 +0000 (UTC)
MIME-Version: 1.0
Date: Mon, 01 Dec 2014 07:24:57 -0500
To: tor-talk@lists.torproject.org
From: "l.m" <ter.one.leeboi@hush.com>
In-Reply-To: <20141201100049.11A58C0115@smtp.hushmail.com>
References: <d44c9fb94badc9743f9491dc11db52c0@ruggedinbox.com>
 <547BD14E.3060902@gna.org> <ae0862eb6ac3ff7fa2798255b2676645@ruggedinbox.com>
 <547C1EE3.7010604@riseup.net> <20141201100049.11A58C0115@smtp.hushmail.com> 
Message-Id: <20141201122457.ECCB4C0115@smtp.hushmail.com>
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] (D)DOS over Tor network ? Help !
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

I think it's also worth mentioning this may be an attack on your
service  via your server's service provider. It's not  impossible to
have one HS work fine but many cause timeouts as you  begin to enable
all HS. As you begin to increase traffic to guards you give away that
your services are online. Depending on on your service provider's 
capability they may not  even notice without going to a senior level.
This would imply your  service is the target rather than any
particular HS--or perhaps, as you noted, because  of some offending
HS. I  suppose you could create a large number of test HS to simulate
a  load.

From what you describe there's no evidence of an attack on  the sites
themselves. But when you allow them all your service goes down 
completely. Why would your guards timeout without actual traffic. You
already tried changing the guards and got the same result--timeouts.

-- leeroy bearr
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

