[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Exit node blocking site?



There are several sites that do sendmail-style DNS RBL'ing of TOR .. one (which I found sort of accidentilly) is AHBL.org. TOR ops also publish a python script which will extract all the IPs of exit nodes as well.

I actually block access to groups.google.com and groups.l.google.com by putting them as 127.0.0.2 in /etc/hosts -- but I noticed that TOR is smart enough to notice that the address will resolve to an IP prohibited by the exitpolicy, and not even try.

As for BitTorrent, the TOR box is behind our campus Packeteer, so while someone might think that they'll get advertised rate, they'll really only dribble out at 64kbps. Same with any other P2P app that tries to be sneaky by using another port.

Keep in mind TOR is not so you can "research" illegal software, and that suggesting you're doing so makes you an easy target -- you expose yourself to liability by suggesting you use (or host) TOR to allow people to do illegal things.

Cheers,

Michael Holstein CISSP GCIA
Cleveland State University

PS: you can control the exit node by appending [nodename].exit to the DNS name you attempt to resolve .. eg: www.foo.com.serifos.exit would make it exit via 'serifos', and if that node dosen't allow it, you'll get an error in your client.

M wrote:
I was unable to go to http://piratebay.org when exit node was 70.230.73.20.
All I got was an error, "Connection: close". Everything else was working
fine.

After couple of browser reload tries I restarted my Tor client, exit node
changed and I was able to open the site in question.

I dont think it's right that exit nodes censor stuff, of course I understand
that some exit node operators feel like it's necessary. Well ok, I think
that it's ok to censor CP.


No, I was not seeking any illegal warez, I was doing hmmmm... Research! :P

Well to be honest, I was looking one pre-release which I'm _really_ going to
buy when it gets to stores. Didn't find it, oh the waiting... I'm not a fan
of "warezing" some little bands albums... If I really like it I will buy it
except if album has some shitty "copy protection".


Well, thats my 2 cents =)

M