The IP addresses of Tor routing nodes are exposed to public view via consensus files, so why haven’t some attackers launched traditional DoS attacks on routing nodes? It results in every routing node being unavailable or offline.
It was done several times with some attacks lasting for months.
1 Like
Not often.
Over 10 years running guard relays there has only been once, around October of 2021, where it was significant enough to require special firewall rules to avoid exhaustion of the server resources.
There are many smaller attacks happening all the time.
There are 8000+ Tor relays so DoS does require significant effort and resources.
There was a different and likely more effective attack recently where Tor relay addresses were used to spoof packets sent to a company who emailed automated abuse complaints to the Tor relay hosting providers and caused some people to lose their hosting.