[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: TOR on Academic networks (problem)

To: or-talk@xxxxxxxxxxxxx
Subject: Re: TOR on Academic networks (problem)
From: Watson Ladd <watsonbladd@xxxxxxxxx>
Date: Tue, 16 May 2006 20:57:59 -0400
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Tue, 16 May 2006 20:58:42 -0400
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:mime-version:in-reply-to:references:content-type:message-id:content-transfer-encoding:from:subject:date:to:x-pgp-agent:x-mailer; b=saXi/MM4cgn+jFpFj9nhBmt9GSuJlvqTTzFMyN2bAQqC1j+Bj6LVDXC3by2hkT0ruU+y3DfBvnt6P1Hb8JXPV6WJE4UolBdFyAoMv5vzotyBU9z+c1wCH0wbYSOk4mP8bPqr6UtDFE/LJlmKvBgHR+lOJy/yWNftvyumGTO8T1A=
In-reply-to: <928946aa0605161747g6f06bb6ax1dc70cde18a9ab6e@mail.gmail.com>
References: <4469CA02.1040007@csuohio.edu> <928946aa0605161301l5cfb6a19m5b35779de6ee3be8@mail.gmail.com> <446A36C0.7090408@csuohio.edu> <20060517001455.GF3360@asteria.noreply.org> <91D9253E-23A8-4F78-9A94-9B60975BAB0C@gmail.com> <928946aa0605161747g6f06bb6ax1dc70cde18a9ab6e@mail.gmail.com>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On May 16, 2006, at 8:47 PM, Joseph Lorenzo Hall wrote:

On 5/16/06, Watson Ladd <watsonbladd@xxxxxxxxx> wrote:
The correct way is to put the IP's in a deny list in the config file.
This is not an option... I estimated using Netcraft's SearchDNS and
the regexs that Berkeley uses for their library proxy that this would
be an exit policy *on the order of* 10,000 entries long.

10,000 IP addresses, or domain names? We only need to block the webservers. btw, how does the library proxy handle this much? I think tor can do regex matching on the ip/hosts.

As Roger has made clear elsewhere, the current directory protocol
won't scale well with exit policies of this length (or really in
general) and it would be better for the network for these nodes to
operate a middleman node instead.  This is why a few of us on dorky
academic networks are trying to find other solutions. best, Joe

I think the best thing is to use a nice tree for all directory lookups. Something tells me tor uses a slow linear search through the file if it's not scaling O(lg n).

--
Joseph Lorenzo Hall
PhD Student, UC Berkeley, School of Information
<http://josephhall.org/>

Sincerely, Watson Ladd - --- "Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety." - -- Benjamin Franklin


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)

iD8DBQFEanUXGV+aWVfIlEMRAlu4AKCExfVMpSQpM/54cLy6J7Nj0GlrYgCgoCDo
zri/ndbMuXrMV4zusSTTLc0=
=dVsU
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: TOR on Academic networks (problem)
  - From: Joseph Lorenzo Hall

References:
- TOR on Academic networks (problem)
  - From: Michael Holstein
- Re: TOR on Academic networks (problem)
  - From: Joseph Lorenzo Hall
- Re: TOR on Academic networks (problem)
  - From: Michael Holstein
- Re: TOR on Academic networks (problem)
  - From: Peter Palfrader
- Re: TOR on Academic networks (problem)
  - From: Watson Ladd
- Re: TOR on Academic networks (problem)
  - From: Joseph Lorenzo Hall

Prev by Author: Re: TOR on Academic networks (problem)
Next by Author: P2P revisited.
Previous by thread: Re: TOR on Academic networks (problem)
Next by thread: Re: TOR on Academic networks (problem)
Index(es):
- Author
- Thread