[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Analyzing TOR-exitnodes for anomalies



Hi  *Alexander W. Janssen*   :

> Hi all,
> 
> considering that I heard from several people that they notice strange
> sideeffects since a couple of days - altered webpage, advertisement where no
> ads should be - I started a little investigation if there are any obviously
> bogus exitnodes in the wild:
> 
> http://itnomad.wordpress.com/2006/10/04/analyzing-tor-exitnodes-for-anomalies/
> 
> I welcome you to start your own investigation; if there are really bogus
> exitnodes we should be aware of those and we should know their node's nickname
> to put them on a shitlist.
> 
> This might leed to an escalation in the future when marketeers realize the
> possibilities of altering traffic.
> 
> Comments, ideas, pointers to other projects?
> 
> Alex.

Hmmm...  Bogus exit nodes or bogus DNS servers ?

Is it possible that the strange side effects comes, not from the exit nodes
themselves, but from the DNS server used by these exit nodes ?

A kind of DNS poisonning? (From a local DNS server or Remote DNS server...)
Ref.: http://en.wikipedia.org/wiki/DNS_poisoning

Our suspicions about "bogus exit nodes" must be based on facts 
so I suggest to collect information about this issue here.

What we can do is to report any "strange side effect" including:

the link to the web site
the resulting link with the redirection like the ones we're talking about
the exit node used to access this web site


:)

-- 
Claude LaFrenière