Tor DOS attack help, can a dev take this seriously please?
Multiple times in the past, I and other hidden service operators have published tickets for help with extreme DoS attacks that are preventing our hidden services from being accessed. This seems like a complete flaw in how Tor works and there is no logical solution in sight.
One reference from an operator I have spoken with: https://trac.torproject.org/projects/tor/ticket/29607
Exact same attack as myself and we were both initially able to prevent it until the attacker changed their method.
At first the attack was overloading the Tor process CPU of 100% and so new connections could not be processed. After running Tor-vanguards add-on I found a recurring fingerprint for an authority relay was being used for the attack. I excluded the fingerprint in my Torrc and immediately the site was back online. He then changed to ANOTHER authority relay, which seems strange to be a coincidence considering they are low bandwidth relays so wouldn't make sense to me to use in this type of attack.
Again, blocked this fingerprint and then the attack completely changed and is seemingly undiscoverable other than a few warnings that stick out in the logs, but they aren't much help.
Any suggestions we have been given we have tried to no avail. The difference with this ticket, if a Tor dev is actually willing to put some time into investigating, I can provide full server access to an under attack hidden service so it can be actively monitored and hopefully resolved. I beg that someone helps with this, it has been going on for years with no real solutions to similar attacks.
Trac:
Username: HelpDOS