[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Safe destinations

Gregory -

I have been struggling with a similar question. I do not have an answer as to the perfect list of 'safe' sites (wikipedia is at the top of my list). But I have authored a bash script to turn a list of domains ( mail.google.com, wikipedia.com, etc.com) into rules....

The following script looks for a file called torTarget.txt, and for each FQDN it:
- Looks up the first ip on the DNS record
- Assigns port 80 by default
- If the word "mail" appears in the FQDN, then I assume that this is a webmail service and force port 443
- Adds google talk

The output needs to be placed in the torrc file by hand and replace any existing policies.

Here is the script:

# If dig fails, try installing the dnsutils package
# e.g. sudo apt-get install dnsutils

echo "# Target List Generated `date`"
echo "#"

cat torTargets.txt | sort -f | while read site

 if echo $site | grep -q "mail"

 dig +short $site | sort | head -n 1 | while read ip

  echo "ExitPolicy accept\t $ip:$port    \t# $site "

echo "ExitPolicy accept\t *:5222 \t# Google Talk"
echo "ExitPolicy reject    *:*"
echo "# End of Exit Policy"
echo "#"


On Thu, Jul 2, 2009 at 11:12 PM, Gregory Maxwell <gmaxwell@xxxxxxxxx> wrote:
There are many people who would like to run tor exits but whom don't
because of the inevitable flood of abuse complaints.

At the same time, there are a great many high traffic destinations on
the internet which have little to no complaint potential because they
are effectively read-only or are otherwise understood to be
tor/anonymity friendly.