Re: Earthlink's broken DNS affecting Tor nodes?

[Matt Ghali <matt@xxxxxxxxx>]

yes, it is a bad thing. the easiest thing to do (if you are running 
tor on a unix box) is to install BIND 9 as a caching nameserver, and 
configure your resolver library to use BIND instead of your ISP's 
nameservers (man resolv.conf).

Most modern unix distributions come with BIND 9, and just require 
you to enable them somewhere like /etc/rc or /etc/sysconfig.

Anyone running tor should consider doing this, as you'll be making 
name resolution almost an order of magnitude faster; in addition to 
not having to trust nameservers configured to lie by a marketing 
department.

If you're running Windows; well, good luck.

matto

On Mon, 4 Sep 2006, Jay Goodman Tamboli wrote:

> I'm currently running a Tor node (phrenograph) on an Earthlink DSL connection, 
> and they've recently started returning a "help" site's IP instead of NXDOMAIN 
> when a DNS lookup is requested for a nonexistent site. See [1] for more. 
> Should I be concerned about this change's effect on the Tor network, since 
> presumably DNS lookups I do are no longer perfect? If it does have a 
> detrimental effect, is there a way to block DNS lookups in my exit policy?
>
> /jgt
>
> 1. http://slashdot.org/article.pl?sid=06/09/03/1359221
> --
> http://tamboli.cx/
> PGP Key ID: 0x7F2AC862B511029F


--matt@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx<darwin><
  Moral indignation is a technique to endow the idiot with dignity.
                                                - Marshall McLuhan