Hi,I just wondered if Tor might be vulnerable to DNS attacks during the bootstrapping phase? Is there a public key of a directory server included in all the Tor download packages to secure the initial contact to the directory servers?
I also want to emphasize again that everybody, but especially Tor node operators, should check that he/she is not vulnerable to DNS cache poisoning, for example by visiting this website:
http://member.dnsstuff.com/tools/vu800113.phpor by querying the TXT record of the domain porttest.dns-oarc.net with a command like 'host -t TXT porttest.dns-oarc.net'.
Sven
Attachment:
smime.p7s
Description: S/MIME cryptographic signature