please limit connections by client
I just had 213.26.168.50 perform a denial of service against Tor26. It opened over
5000 connections to tor26, which not only ate a bit of CPU, but also used up all
available file descriptors, causing tor26 to drop new connections:
Jul 23 13:26:11.701 [notice] accept failed: Too many open files. Dropping incoming connection.
Please implement some limit of connections per client. There are a few other
minor abusers too, which probably means this also could use some thinking at
the client:
sudo netstat -na | grep 86.59.21.38 > 38
cat 38 | grep ESTABLISHED | awk '{print $5}' | sed -e 's/:.*//' | sort | uniq -c | sort -n | tail
[..]
11 61.60.x.y [slightly anonymized]
13 212.249.x.y
16 59.120.x.y
19 81.120.x.y
25 65.122.x.y
31 202.185.x.y
32 125.16.x.y
5649 213.26.x.y
cheers,
[Automatically added by flyspray2trac: Operating System: All]
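Added example, not part of the original ticket or of Tor's code: the per-client count from the netstat pipeline above, generalized to match the listener port in the local-address field, count only ESTABLISHED sockets, keep IPv6 peers intact, and print only peers over a threshold. The function names, port 9001, the thresholds and all sample addresses are constructed assumptions.

```shell
#!/bin/sh
# heavy_clients LISTEN_PORT LIMIT
# Reads `netstat -na` output on stdin and prints "count address" for every
# remote address holding more than LIMIT established connections to
# LISTEN_PORT, busiest first. (Hypothetical helper, not from the ticket.)
heavy_clients() {
    awk -v lport="$1" -v limit="$2" '
        # Drop the trailing ":port". Cutting at the first colon instead
        # would truncate IPv6 addresses.
        function host(addr) { sub(/:[^:]*$/, "", addr); return addr }
        # Keep only what follows the last colon.
        function port(addr) { sub(/^.*:/, "", addr); return addr }
        # Inbound only: the local side must be the listener port, so the
        # relay outbound connections are not counted against a peer.
        $1 ~ /^tcp/ && $6 == "ESTABLISHED" && port($4) == lport {
            count[host($5)]++
        }
        END {
            for (ip in count)
                if (count[ip] > limit)
                    print count[ip], ip
        }
    ' | sort -rn
}

# Constructed sample input using documentation address ranges.
sample_netstat() {
    echo "Proto Recv-Q Send-Q Local Address Foreign Address State"
    echo "tcp 0 0 0.0.0.0:9001 0.0.0.0:* LISTEN"
    i=0
    while [ "$i" -lt 12 ]; do
        echo "tcp 0 0 192.0.2.10:9001 203.0.113.7:$((40000 + i)) ESTABLISHED"
        i=$((i + 1))
    done
    # A closing socket from the same peer: not counted.
    echo "tcp 0 0 192.0.2.10:9001 203.0.113.7:41000 TIME_WAIT"
    echo "tcp 0 0 192.0.2.10:9001 198.51.100.20:50001 ESTABLISHED"
    echo "tcp 0 0 192.0.2.10:9001 198.51.100.20:50002 ESTABLISHED"
    echo "tcp 0 0 192.0.2.10:9001 198.51.100.20:50003 ESTABLISHED"
    # Outbound connection to the same peer: local port differs, not counted.
    echo "tcp 0 0 192.0.2.10:51000 198.51.100.20:9001 ESTABLISHED"
    echo "tcp6 0 0 2001:db8::1:9001 2001:db8::5:60001 ESTABLISHED"
    echo "tcp6 0 0 2001:db8::1:9001 2001:db8::5:60002 ESTABLISHED"
}

sample_netstat | heavy_clients 9001 10
```

On a live host the input would be `netstat -na | heavy_clients PORT LIMIT`, with LIMIT chosen well below the process's file descriptor limit.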