[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Earthlink's broken DNS affecting Tor nodes?
yes, it is a bad thing. the easiest thing to do (if you are running
tor on a unix box) is to install BIND 9 as a caching nameserver, and
configure your resolver library to use BIND instead of your ISP's
nameservers (man resolv.conf).
Most modern unix distributions come with BIND 9, and just require
you to enable them somewhere like /etc/rc or /etc/sysconfig.
Anyone running tor should consider doing this, as you'll be making
name resolution almost an order of magnitude faster; in addition to
not having to trust nameservers configured to lie by a marketing
department.
If you're running Windows; well, good luck.
matto
On Mon, 4 Sep 2006, Jay Goodman Tamboli wrote:
I'm currently running a Tor node (phrenograph) on an Earthlink DSL connection,
and they've recently started returning a "help" site's IP instead of NXDOMAIN
when a DNS lookup is requested for a nonexistent site. See [1] for more.
Should I be concerned about this change's effect on the Tor network, since
presumably DNS lookups I do are no longer perfect? If it does have a
detrimental effect, is there a way to block DNS lookups in my exit policy?
/jgt
1. http://slashdot.org/article.pl?sid=06/09/03/1359221
--
http://tamboli.cx/
PGP Key ID: 0x7F2AC862B511029F
--matt@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx<darwin><
Moral indignation is a technique to endow the idiot with dignity.
- Marshall McLuhan