State of Tor DDoS Protections : Dread

I am interested in the current state of Tor's DDoS protection system. Since Dread is frequently attacked and uses its own EndGame protection system, I don't believe there's a better place to ask than here.

It seems that EndGame still uses Onionbalance, which is incompatible with Tor's new PoW DDoS protection system.

My questions are:

1) Why is it worthwhile for Dread to scale using Onionbalance and EndGame instead of the PoW protection system?

2) Dread uses a proxy approach whereby EndGame proxies connections to the actual backend Onion Service upon successful capture. What is the benefit of this approach? Is it to protect Dread's backend servers from deanonymization due to failed relays in the event that EndGame fails?

3) Is there anything special about EndGame related to Tor? Or is it simply an efficient capture system that uses Onionbalance and closes connections upon failure?

Thanks!
/u/LibertyExchange 🍼
2 points
1 day ago
EndGame is not incompatible with PoW, for more info: /d/EndGame
/u/wanzot 📢 🍼
1 points
1 day ago
EndGame scaling requires OnionBalance, which is currently incompatible with PoW because PoW parameters are not propagated to the OB instance.
/u/LibertyExchange 🍼
2 points
1 day ago
The current recommendation is GoBalance. Kindly, take a look at the V3 ReadMe.
/u/wanzot 📢 🍼
1 points
20 hours ago
Thanks for the link. I was not aware of the dedicated subdread for EndGame. I will study the code.
/u/HugBunter A
2 points
1 day ago
1. OnionBalance is more effective than PoW still at this point. PoW isn't perfect and it mainly protects the network from harm, before solving accessibility to a hidden service.

2. Using a proxy pass on an external load balancing server with EndGame has the benefit of having disposable, cheap servers that are detached from the backend, to prevent harm from an attack hitting the actual backend and also creating isolation, so no end user is ever actually accessing the backend directly. Of course, this has many benefits for improving the anonymity of the backend servers also. Front servers could be deanonymized at any time and potentially seized, and they can be replaced at a moment's notice.

The other important part to using EndGame is isolation of the onion private key. Our main Dread onion has never and will never be present on any of our servers, so the onion cannot be seized. OnionBalance runs on a completely unrelated server and simply pushes descriptors to the network with the instances pointed to EndGame onion addresses. No traffic goes through that server at all, so it is completely separated.

3. EndGame has a lot of smart filtering tailored to Tor client connections and uses extremely low resource generation for captchas, which makes it ideal for handling attack loads. It also has built-in functionality for directly killing attacking Tor circuits. I'm not sure if this feature is currently present in the public release; however, it should only be used in certain cases as it has downsides to it with the resource usage for killing circuits.
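The key isolation described in the reply above can be checked on each traffic-carrying front host. This is an added example, not part of the thread and not EndGame's or Dread's code: it assumes Tor's documented OnionBalance v3 instance layout (`HiddenServiceOnionBalanceInstance 1` in the torrc and an `ob_config` file containing `MasterOnionAddress`), and the function names and `.onion` placeholders are constructed for illustration.

```python
# Added example; assumes Tor's OnionBalance v3 instance layout. Addresses are placeholders.
import tempfile
from pathlib import Path

MASTER = "master-placeholder.onion"  # constructed, stands in for the published onion

def hidden_service_dirs(torrc_text):
    """Map each HiddenServiceDir to the HiddenService* options that follow it."""
    services, current = {}, None
    for raw in torrc_text.splitlines():
        key, _, value = raw.split("#", 1)[0].strip().partition(" ")
        if key.lower() == "hiddenservicedir":
            current = services.setdefault(value.strip(), {})
        elif current is not None and key.lower().startswith("hiddenservice"):
            current[key.lower()] = value.strip()  # torrc option names are case-insensitive
    return services

def audit_front_host(torrc_path, master_onion):
    """Return findings for one host; an empty list means it passes."""
    findings = []
    for hs_dir, opts in hidden_service_dirs(Path(torrc_path).read_text()).items():
        hostname = Path(hs_dir) / "hostname"
        if hostname.exists() and hostname.read_text().strip() == master_onion:
            findings.append(f"{hs_dir}: master onion key material is on this host")
        if opts.get("hiddenserviceonionbalanceinstance") != "1":
            findings.append(f"{hs_dir}: HiddenServiceOnionBalanceInstance is not 1")
        ob = Path(hs_dir) / "ob_config"
        wanted = f"MasterOnionAddress {master_onion}"
        if not ob.exists() or wanted not in ob.read_text().splitlines():
            findings.append(f"{hs_dir}: ob_config does not name the master onion")
    return findings

def build_sample(root, hostname, flag, ob_line):
    """Write a constructed torrc and HiddenServiceDir under root; return the torrc path."""
    hs = Path(root) / "hs"
    hs.mkdir()
    (hs / "hostname").write_text(hostname + "\n")
    if ob_line:
        (hs / "ob_config").write_text(ob_line + "\n")
    torrc = Path(root) / "torrc"
    torrc.write_text(f"HiddenServiceDir {hs}\nHiddenServiceOnionBalanceInstance {flag}  # front\n")
    return torrc

def demo():
    """Audit an isolated front and one that wrongly serves the master onion itself."""
    with tempfile.TemporaryDirectory() as good, tempfile.TemporaryDirectory() as bad:
        ok = build_sample(good, "front-placeholder.onion", 1, f"MasterOnionAddress {MASTER}")
        leak = build_sample(bad, MASTER, 0, "")
        return audit_front_host(ok, MASTER), audit_front_host(leak, MASTER)
```

Calling `demo()` returns the findings for both constructed hosts; on a real host, point `audit_front_host` at the live torrc and the published onion address.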
/u/byballotbybullet
1 points
1 day ago
Are there parts about your overall design that you don't mind/shouldn't reveal vs. parts that are fine to reveal?

I also ask because I wonder if there's a guide to something like the minimum level of security a market should have to be able to participate? Do you and /u/Paris do any consultation work for DNMs or is this what pen testing is about?

Cheers
/u/wanzot 📢 🍼
1 points
1 day ago*
Thank you very much for your reply!

2.1) Are you using PoW DDoS protection for the connection between EndGame and the backend server? Is there any reasoning for or against doing so?

3.1) How does EndGame kill the attacking Tor circuits? Does it do so by dropping the connection after a failed capture via Tor's control port?

3.2) What does a DDoS attack look like in EndGame terms? Which resource is the issue here? Is it the Tor network itself, the CPU, memory, or traffic? I cannot imagine attacks becoming extremely strong due to the limited amount of Tor traffic. However, I would like to hear an expert's opinion on the matter.
/u/Scarab
1 points
1 day ago
Are you using Tor to connect to your disposable servers, like on port 22? Is the database on a different server?
/u/Ahello
1 points
1 day ago
Listen here buster that is a business secret and only the top accounts are in the know, like my boyfriend /u/kevin
/u/wanzot 📢 🍼
1 points
1 day ago
The exact filtering method may need to remain secret, but the DDoS protection infrastructure should not. Besides, if you and your friends know about it, then it's not a secret.
/u/Ahello
1 points
21 hours ago
True, it's kind of like I don't know the source code of Windows 10; we the public don't know what it is (unless there was a leak I don't know of), but the people working in Microsoft know what it is.
/u/Kevin
1 points
23 hours ago
Kevin doesn't have any boyfriends.
/u/Ahello
1 points
21 hours ago
Different Kevin