[guardian-dev] Fwd: using UDPGW and tun2socks over Tor
Delyan Kratunov
guardian at delyan.me
Fri Oct 24 04:47:40 EDT 2014
> Perhaps udpgw instances can be run along side all Tor exit nodes?
Isn't the DDoS potential extremely high if Tor allows UDP? Since there's no
flow control with the end server, a malicious client can establish multiple
circuits, all spamming traffic, turning the exit nodes into a botnet. Tor's
fundamental design can't protect against this, right? It's indistinguishable
from, say, a massive amount of unidirectional SIP traffic.
Also, I question how usable udpgw would be for realtime voice or video
communication from a mobile device. Wrapping traffic meant to be "droppable"
into TCP means video frames coming way too late, retransmits within the Tor
network and all sorts of other issues the protocols may not be equipped to
handle.
More information about the Guardian-dev
mailing list