Tor has been working extremely slowly for the last 1-2 weeks already. It takes several minutes in order to download a simple webpage. I don’t know whether it’s a Whonix-specific issue or not, but I’ve tried several obfs4 bridges as entry nodes, but Tor is still working very slow.
There was a thread on r/TOR
https://www.reddit.com/r/TOR/comments/1cnmsdz/tor_extremely_slow_lately/
and other users are also reporting they have issues with slow Tor connections. Can you confirm the issue?
Are DDoS attacks possible via TCP? Because I was only possible via UDP.
However, Tor works quite quickly for me and I also use Bridge.
Reddit users are reporting they have problems with Tor network speed. NTH Tor relay operator says it’s a massive attack against Tor relays nowadays.
There is a thread on Tor Project forum and people are confirming the issue. The problem is now marked as a bug:
What type of a pluggable transport are you using?
General Tor network question. Unspecific to Whonix.
Yes. TCP SYN flood attack can be performed.
A SYN flood is a form of denial-of-service attack on data communications in which an attacker rapidly initiates a connection to a server without finalizing the connection. The server has to spend resources waiting for half-opened connections, which can consume enough resources to make the system unresponsive to legitimate traffic.
The packet that the attacker sends is the SYN packet, a part of TCP's three-way handshake used to establish a connection.
When a client attempts to start a TCP conne...
Some of Tor relay operators have confirmed a DDoS attack against their nodes:
I’ve been experiencing overload on both my relays, which is not the usual. Running 2 relays on 4 cores and 8GB of RAM. RAM is not an issue but CPU load is usually at 60%. These last days it’s been over 80-85%, getting warnings from time to time...
It means Tor infrastructure is under heavy DDoS attack these days.
1 Like