
Re: *3rd 'bad' IP*...Exit node IP *not* showing up on TorCheck and others



On Mon, 2009-07-06 at 10:40 -0700, Chris Humphry wrote:
> Dammit!
>  
> It just happened again.  This is starting to worry me a little bit.
> Am I really the only person who uses TBB and who is experiencing this
> issue?
>  
> I just started a new session of TBB and I have found a 3rd IP 'bad'
> address:
>  
> IP: 67.166.145.75
>  
> FQDN: c-67-166-145-75.hsd1.ca.comcast.net
> --- On Mon, 7/6/09, Chris Humphry <humphry.chris@xxxxxxxxx> wrote:
> Can someone *please* respond to my message this time?  Can you tell me
> why this is happening?  Or maybe just fix it? 
> 
> "I just started a session of TBB (current release) and when the
> homepage opened up it told me I was not connected to the Tor network.
> So I went to TorCheck and it told me the same thing.  Then I used
> NewNym (via 'New Identity' in Vidalia) and with the new Exit node IP
> both TorCheck and the homepage for TBB now show I am connected to the
> network." 
> 
> Last month the IP address I came across was: 76.73.58.224
> 
> Just now I came across another IP address: 78.53.96.30 
> 

What you are experiencing happens from time to time and is completely
normal. If the IP you are showing on the TorCheck page isn't your own,
then you're probably ok.

The reason that this happens is that there is a desync between when your
node learns about freshly started exits and when various tools update
their caches. Your node may pick up and use a new exit node that has not
yet been grabbed into the cache backing the TorCheck page. This also
applies to the TorStatus listing over at kgprog.

These generally work off cached copies of authority statuses, not
authorities themselves.

In this way, the TorCheck page is biased toward false positives rather
than false negatives, which is the preference. It would be much worse to
let someone who needs to use the network think they were anonymized when
they really weren't than it would be to tell someone who was properly
anonymized that they may not be using the network.

Also, I just checked the IP address that you listed above. It is now
listed as an exit in the TorStatus page, but with an uptime of less than
a day. Hence, it fits well into this scenario.

You can always check to see if the node is listed in your
cached-descriptors:

~$ grep 67.166.145.75 /var/lib/tor/cached-descriptors
router AlladinSane 67.166.145.75 443 0 9030
reject 67.166.145.75:*

A quick heuristic looking at this notes that it rejects exits to itself.
As this is part of the default exit policy, you can reasonably assume
this node is set up to be an exit.

-- 
Marcus Griep
GPG Key ID: 0x070E3F2D
——
https://torproj.xpdm.us
Ακακια את.ψο´, 3°
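
Added example, not part of the original message: a Python sketch of the cached-descriptors lookup described above, matching the address exactly (grep's unescaped dots match any character) and reading the relay's accept/reject lines instead of eyeballing one of them. The sample text, the ExampleMiddle relay and the function names are assumptions made for illustration; only AlladinSane's "router" line and its first "reject" line come from the message.

```python
import re

# Constructed sample in cached-descriptors layout. Only AlladinSane's "router"
# line and first "reject" line come from the message; the rest is made up.
SAMPLE = """\
router AlladinSane 67.166.145.75 443 0 9030
uptime 3600
reject 67.166.145.75:*
reject *:25
accept *:*
router-signature
router ExampleMiddle 192.0.2.10 9001 0 0
reject *:*
router-signature
"""

ROUTER = re.compile(r"^router (\S+) (\d+\.\d+\.\d+\.\d+) (\d+) (\d+) (\d+)$")


def parse_descriptors(text):
    """Return one dict per relay: nickname, address and exit policy rules."""
    relays, current = [], None
    for line in text.splitlines():
        m = ROUTER.match(line)
        if m:
            current = {"nickname": m.group(1), "address": m.group(2), "policy": []}
            relays.append(current)
        elif current is not None and line.startswith(("accept ", "reject ")):
            action, pattern = line.split(None, 1)
            current["policy"].append((action, pattern.strip()))
    return relays


def looks_like_exit(policy):
    """Heuristic: an accept rule appears before any catch-all reject."""
    for action, pattern in policy:
        if action == "accept":
            return True
        if pattern == "*:*":
            return False
    return False


def check_ip(text, ip):
    """Exact address match; None means the cache has no relay at that IP."""
    for relay in parse_descriptors(text):
        if relay["address"] == ip:
            return relay["nickname"], looks_like_exit(relay["policy"])
    return None
```

To run it against a real cache, pass the contents of /var/lib/tor/cached-descriptors as the text argument instead of SAMPLE.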
