[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Is this a Tor exit node connecting to me?
On Sun, 25 Mar 2007, Joseph B. Kowalski wrote:
On Sun, 25 Mar 2007 03:20:10 -0700 Pei Hanru <peihanru@xxxxxxxxx>
A small issue. When I query the DNSBL server for my slow,
(reject *:*) server, it returns 127.0.0.2. Is it a good idea to
non-exit Tor servers in this list?
Yes, since when you are performing the first type of query, you are
simply asking whether an IP address is an active Tor server or not,
of any kind. Now, if anyone wanted to see if your Tor server would
exit to their location or not, they could perform the second type
of query (See my original post for details on the two query types,
if necessary), which, in your case, would always return NXDOMAIN
since you don't allow any exiting.
Please consider returning a different A record for the first query
type to allow differentiation between exit nodes and middlemen.
Returning 127.0.0.2 for exit nodes and 127.0.0.3 for middleman nodes
will allow sendmail dnsbl configurations to easily do the 'right'
Moral indignation is a technique to endow the idiot with dignity.
- Marshall McLuhan