
Re: eliminating bogus port 43 exits



     On Fri, 12 Jun 2009 23:14:12 +0200 Nils Vogels <bacardicoke@xxxxxxxxx>
wrote:
>On Fri, Jun 12, 2009 at 9:29 AM, Scott Bennett<bennett@xxxxxxxxxx> wrote:
>>      I replaced the "ExitPolicy accept *:43" in my torrc file with the
>> following:
>>
>> ###---Limited list of allowed whois exit addresses
>> ExitPolicy accept 192.103.19.12:43      # whois access to whois.6bone.net
>> ExitPolicy accept 192.149.252.44:43     # whois access to whois.arin.net
><etc>
>
>I would like to suggest a functionality to make this a bit easier:
>Add support for dnsbls to determine the exit policy. I know this would
>be non-trivial to implement, especially given the possible abuse
>scenarios and the fact that exit policies are currently published in
>the directory, but it would be great to have universal "known good"
>and "known bad" destinations that exit nodes could use.
>
     Now that does look like a promising approach, although "dnspl" ("pass"
list) might be a more accurate description in this case than "dnsbl". :)
It would need to be somewhere associated with the tor project, I suspect,
in order to be workable.  But yes, if set up properly, it could be done
on a port-by-port basis, so that the same database could be used to
identify legitimate servers for other services if the same kind of situation
were identified for other port numbers.  The port 53 traffic to support it
could be minimized by having fairly long TTLs on the A RRs in the database
and a caching mechanism for the A RRs in tor.  Although the final rejection
point for addresses not listed would still be the exit node, clients should
also check during route selection to prevent circuit construction for
destinations that weren't on the pass list.  Perhaps also the ExitPolicy
operands could offer a construction like "ExitPolicy accept dnslookup:43"
to use the feature, whereas the currently existing methods would remain
available as well.
     Another method, of course, would be to add another auxiliary file to
tor like the geoip file.  However, that would entail the same limitations
currently involved in the use of the geoip file, such as long-term retention
and use of obsolete data.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************
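The "dnspl" idea from the exchange above, sketched as an added example (not Tor code and not from either poster): resolve a pass-list zone, cache the A-record answers until their TTL expires so port 53 traffic stays low, emit a port-scoped ExitPolicy block, and evaluate it with first-match semantics for the client-side route-selection check. The zone name `whois.passlist.example` and the resolver callable are assumptions.

```python
import ipaddress
import time


class PassListCache:
    """Caches A-record answers for a pass-list zone until their TTL expires."""

    def __init__(self, resolver, clock=time.time):
        # resolver(name) -> (list of address strings, ttl seconds); raises OSError on failure.
        # A real deployment would wrap a DNS library here; the test passes a stub.
        self._resolver = resolver
        self._clock = clock
        self._entries = {}  # name -> (expiry timestamp, addresses)

    def lookup(self, name):
        now = self._clock()
        entry = self._entries.get(name)
        if entry is not None and entry[0] > now:
            return entry[1]  # still within TTL, no DNS traffic
        try:
            answers, ttl = self._resolver(name)
        except OSError:
            return []  # fail closed: an unreachable pass list allows nothing
        addrs = []
        for a in answers:  # keep only well-formed IPv4 addresses (A RRs)
            try:
                addrs.append(str(ipaddress.IPv4Address(a)))
            except ValueError:
                continue
        self._entries[name] = (now + ttl, addrs)
        return addrs


def exit_policy_lines(cache, zone, port):
    """Accept each listed server on the port, then reject everything else on it."""
    lines = [f"ExitPolicy accept {ip}:{port}" for ip in cache.lookup(zone)]
    lines.append(f"ExitPolicy reject *:{port}")
    return lines


def policy_permits(lines, dest_ip, dest_port):
    """First-match evaluation of the generated lines; None means the block does
    not decide this port and Tor's remaining policy applies."""
    for line in lines:
        _, action, target = line.split()
        host, port = target.rsplit(":", 1)
        if port != "*" and port != str(dest_port):
            continue
        if host == "*" or host == dest_ip:
            return action == "accept"
    return None
```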