[Tor-BSD] new tor -alpha release and DOS attacks
teor2345 at gmail.com
Thu Dec 21 16:47:56 EST 2017
> On 22 Dec 2017, at 08:14, George Rosamond <george at ceetonetechnology.com> wrote:
> For anyone who's running any directory services, there has been heavy
> memory-consuming attacks going on since last week.
These attacks potentially affect all Tor relays.
> We should discuss mitigation on the operating system level with
> host-based firewalling and syctl knobs in a separate thread, but the new
> tor -alpha release is supposed to deal with the issue.
The new release mitigates the issue by consuming less RAM.
We also recommend the following Tor config mitigations:
* set MaxMemInQueues to the amount of free RAM available per tor
instance, minus a few hundred megabytes for other data structures.
* give Tor as many file descriptors as you have available (again, minus
those needed for other purposes).
> The FreeBSD security/tor-devel was updated zippy quick, and I'm running
> it now on NYCBUG0.
Thanks for the prompt response!
More information about the Tor-BSD