[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor WORKS / Norwegian DNS (partly) compromized



> If this is true, the answer to the strange DNS query is likely that
> NextGenTel is using a filter service developed by the Norwegian Police
> on their DNS queries to stop this type of traffic. I think that being
> registered here is a verification for that the address already is
> reported to (at least) the Norwegian authorities.
>
> BTW. This filter is possible to implement on exit nodes, but I have
> found too little information on how the filter works. (Yes, I know, some
> people think that all censorship is bad, but if they stop only reported
> illegal sites, it might be worth discussing.)
>
> Whether the or-talk list is the correct place for this I don't know, the
> developers can stop the thread.
>
> If we already stop spam and bittorrent I think this is much worse!

I did a whole lot of checking. Tor (tor.eff.org) DOES resolve from within the 
NGT network. Some DNS names resolve and other's don't when using their 
nameservers from outside (which I did).

However, NGT and Telenor DOES give false DNS replies to many sites. I've put 
all testing information regarding this here: 
https://ssl.xiandos.info/DNS_censorship

It seems that there is a shared list where NGT redirects to 80.202.4.7 and 
Telenor to 193.213.117.102 on a given list of DNS requests. These both show 
the same page which say you're a bad person.