[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Is this a Tor exit node connecting to me?



On 2007-3-25 2:32 CST(UTC+8), Joseph B. Kowalski wrote:
> So anyways, I have implemented a Tor DNSBL server interface. The 
> address of the DNSBL is "tor.dnsbl.nighteffect.us".

Cool!

> Here are some details on how to use it:
> 
> ==============================================
> 
> The DNSBL server responds to two different types of 'A' record 
> queries:
> 
> 1) The first type is to simply provide an answer as to whether a 
> given IP is an active Tor server or not. So, assuming the DNSBL 
> domain name is 'tor.dnsbl.nighteffect.us', and you want to check if 
> IP '1.2.3.4' is a Tor server, you would send the following 'A' 
> record query:
> 
> 4.3.2.1.tor.dnsbl.nighteffect.us
> 
> Note that the octets of the IP address have been reversed, like a 
> PTR record, only this is an 'A' request.
> 
> If '1.2.3.4' is an active Tor server, the DNSBL server will respond 
> with a '127.0.0.2' 'A' record. If '1.2.3.4' is NOT an active Tor 
> server, the DNSBL server will respond with a 'Non-Existent Domain 
> (NXDOMAIN)' error.

A small issue. When I query the DNSBL server for my slow, middleman only
(reject *:*) server, it returns 127.0.0.2. Is it a good idea to include
non-exit Tor servers in this list?

Hanru