[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Earthlink's broken DNS affecting Tor nodes?



yes, it is a bad thing. the easiest thing to do (if you are running tor on a unix box) is to install BIND 9 as a caching nameserver, and configure your resolver library to use BIND instead of your ISP's nameservers (man resolv.conf).

Most modern unix distributions come with BIND 9, and just require you to enable them somewhere like /etc/rc or /etc/sysconfig.

Anyone running tor should consider doing this, as you'll be making name resolution almost an order of magnitude faster; in addition to not having to trust nameservers configured to lie by a marketing department.

If you're running Windows; well, good luck.

matto

On Mon, 4 Sep 2006, Jay Goodman Tamboli wrote:

I'm currently running a Tor node (phrenograph) on an Earthlink DSL connection, and they've recently started returning a "help" site's IP instead of NXDOMAIN when a DNS lookup is requested for a nonexistent site. See [1] for more. Should I be concerned about this change's effect on the Tor network, since presumably DNS lookups I do are no longer perfect? If it does have a detrimental effect, is there a way to block DNS lookups in my exit policy?

/jgt

1. http://slashdot.org/article.pl?sid=06/09/03/1359221
--
http://tamboli.cx/
PGP Key ID: 0x7F2AC862B511029F



--matt@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx<darwin><
  Moral indignation is a technique to endow the idiot with dignity.
                                                - Marshall McLuhan