[guardian-dev] Fwd: using UDPGW and tun2socks over Tor
Nathan of Guardian
nathan at guardianproject.info
Fri Oct 24 08:40:55 EDT 2014
On Fri, Oct 24, 2014, at 04:47 AM, Delyan Kratunov wrote:
> > Perhaps udpgw instances can be run along side all Tor exit nodes?
>
> Isn't the DDoS potential extremely high if Tor allows UDP? Since there's
> no
> flow control with the end server, a malicious client can establish
> multiple
> circuits, all spamming traffic, turning the exit nodes into a botnet.
> Tor's
> fundamental design can't protect against this, right? It's
> indistinguishable
> from, say, a massive amount of unidirectional SIP traffic.
Definitely a possibility. DDoS over Tor is already a problem (see LOIC),
but perhaps UDP support would exacerbate that beyond what is manageable.
> Also, I question how usable udpgw would be for realtime voice or video
> communication from a mobile device. Wrapping traffic meant to be
> "droppable"
> into TCP means video frames coming way too late, retransmits within the
> Tor
> network and all sorts of other issues the protocols may not be equipped
> to
> handle.
>From my early tests it is not so bad, especially with efficient codecs
like Codec2.
--
Nathan of Guardian
nathan at guardianproject.info
More information about the Guardian-dev
mailing list