[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Exit node blocking site?

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Exit node blocking site?
From: Michael Holstein <michael.holstein@xxxxxxxxxxx>
Date: Sun, 19 Feb 2006 16:28:33 -0500
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Sun, 19 Feb 2006 16:28:51 -0500
In-reply-to: <004201c634bf$3506e500$0a0aa8c0@none>
References: <43F6B51C.404@hpeters.net> <43F6CDEA.5060501@hpeters.net> <004201c634bf$3506e500$0a0aa8c0@none>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.7.1 (X11/20040626)

There are several sites that do sendmail-style DNS RBL'ing of TOR .. one (which I found sort of accidentilly) is AHBL.org. TOR ops also publish a python script which will extract all the IPs of exit nodes as well.

I actually block access to groups.google.com and groups.l.google.com by putting them as 127.0.0.2 in /etc/hosts -- but I noticed that TOR is smart enough to notice that the address will resolve to an IP prohibited by the exitpolicy, and not even try.

As for BitTorrent, the TOR box is behind our campus Packeteer, so while someone might think that they'll get advertised rate, they'll really only dribble out at 64kbps. Same with any other P2P app that tries to be sneaky by using another port.

Keep in mind TOR is not so you can "research" illegal software, and that suggesting you're doing so makes you an easy target -- you expose yourself to liability by suggesting you use (or host) TOR to allow people to do illegal things.

Cheers,

Michael Holstein CISSP GCIA
Cleveland State University

PS: you can control the exit node by appending [nodename].exit to the DNS name you attempt to resolve .. eg: www.foo.com.serifos.exit would make it exit via 'serifos', and if that node dosen't allow it, you'll get an error in your client.

M wrote:

I was unable to go to http://piratebay.org when exit node was 70.230.73.20.
All I got was an error, "Connection: close". Everything else was working
fine.
After couple of browser reload tries I restarted my Tor client, exit node
changed and I was able to open the site in question.
I dont think it's right that exit nodes censor stuff, of course I understand that some exit node operators feel like it's necessary. Well ok, I think that it's ok to censor CP.
No, I was not seeking any illegal warez, I was doing hmmmm... Research! :P
Well to be honest, I was looking one pre-release which I'm _really_ going to buy when it gets to stores. Didn't find it, oh the waiting... I'm not a fan of "warezing" some little bands albums... If I really like it I will buy it except if album has some shitty "copy protection".
Well, thats my 2 cents =)
M

Follow-Ups:
- Re: Exit node blocking site?
  - From: Roger Dingledine

References:
- BandwidthRate does this actually work ?
  - From: Harley Peters
- Re: BandwidthRate does this actually work ?
  - From: Harley Peters
- Exit node blocking site?
  - From: M

Prev by Author: here's a fun one ..
Next by Author: Re: Exit node blocking site?
Previous by thread: Re: Exit node blocking site?
Next by thread: Re: Exit node blocking site?
Index(es):
- Author
- Thread