[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Running an exit node which exits on a different IP than it listens to

On Tue, Jun 24, 2014 at 9:07 AM, Anders Andersson <pipatron@xxxxxxxxx> wrote:
> exit traffic out on an IP that's different from what was advertised.
> However, this made me think that it is perhaps not such a bad idea if
> more exit relays did that, even slower ones. I have access to a couple
> of IP numbers that I could easily configure in this way.
> Basically: Use one IP for Tor traffic, and one IP for exit traffic.
> The Tor traffic IP:Port is what would be advertised to the Tor
> network, and only that.
> The reason would be to minimize the chances of the exit IP ending up
> in some overzealous blacklist. I'm pretty sure that a lot of the
> blacklist operators just scrape the public list of relays and then
> they end up in a lot of places where the customer is not even aware
> what is being blocked. This is painfully obvious to people running a
> non-exit relay from home, when trying to use IRC or other services.
> Is this a good idea to do if you have the resources? Will it cause any
> non-obvious problems? I guess one problem is that check.torproject.org
> will show that you're not using Tor

So what? What's more important to you, helping users get around stupid
consensus scraping RBL blocks and censors, or having check.tpo look pretty?
Tell users to retest after 'new identity' or to test tpo's onion
instead, because:
 "Congratulations. This browser is configured to use Tor."
And learn a little more before they go installing stuff by default and stumbling
about the net assuming all is safe because some little widget told them so.

This has recently been discussed, feel free to implement either model...

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to