[guardian-dev] Fwd: using UDPGW and tun2socks over Tor

Delyan Kratunov guardian at delyan.me
Fri Oct 24 04:47:40 EDT 2014


>  Perhaps udpgw instances can be run along side all Tor exit nodes?

Isn't the DDoS potential extremely high if Tor allows UDP? Since there's no 
flow control with the end server, a malicious client can establish multiple 
circuits, all spamming traffic, turning the exit nodes into a botnet. Tor's 
fundamental design can't protect against this, right? It's indistinguishable 
from, say, a massive amount of unidirectional SIP traffic. 

Also, I question how usable udpgw would be for realtime voice or video 
communication from a mobile device. Wrapping traffic meant to be "droppable" 
into TCP means video frames coming way too late, retransmits within the Tor 
network and all sorts of other issues the protocols may not be equipped to 
handle.


More information about the Guardian-dev mailing list