[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Analyzing TOR-exitnodes for anomalies



Hi  *glymr*   :


> I am not adding anything useful, but I wish to add my feeling about this
> situation that people are so rapidly responding to a threat so early.
> 
> :) tor will never die if people like you all are on it. (which reminds
> me i've blathered about writing a dns proxy patch for tor so dns leaks
> are a thing of the past, and i bloody better do something serious about
> it DANGIT!)
> 
> dns poisoning is of course a bigger problem than tor, there has been
> discussion about the 'splitting of the root' some months ago as it turns
> out that dns servers will give out different addresses depending on the
> nation of locality. This is a very serious problem and extends beyond
> the domain of the tor network. I have no idea where to point people with
> regard to this subject but I hope someone who has a bee in their bonnet
> about it will very shortly.

Alexander W. Janssen hypothesis is based on "suspected" exit nodes with
a policy allowing an exit to port 80 ... 

My point is somewhat different: a second hypothesis may be based on
the exit nodes with an exit policy to port 53 ...

Here we have different possibilities:
exit nodes with exit policy allowing port 53 (only)
exit nodes with exit policy allowing port 80 (only)
exit nodes with exit policy allowing ports 80 and 53 (only)
exit nodes allowing 80, 53 and other ports

In order to check if the Port 53 is valid or not I guess the easiest[?] way 
is to contact poeple responsible for these exit nodes and ask them which
DNS server the're using... So these DNS server may be checked by other 
poeple...

Hmmmm... there's also poeple with local DNS server...  :-/

I guess the main problem with this issue is the lack of data.
We need more facts about this from Tor users ...

Well... I have no "bee in my bonnet"...  :-/

:)

-- 
Claude LaFrenière