[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Earthlink's broken DNS affecting Tor nodes?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alternatively, you can use OpenDNS's servers. See www.opendns.com.
OpenDNS is very easy (just use their IP addresses), and quite fast. On
the other hand, caching can be fast too, and give you slightly more
security, as you'll be sending less requests, thus making traffic
analysis a tad more labor intensive. Would you concur, Matt?

~Andrew

Matt Ghali wrote:
> yes, it is a bad thing. the easiest thing to do (if you are running
> tor on a unix box) is to install BIND 9 as a caching nameserver, and
> configure your resolver library to use BIND instead of your ISP's
> nameservers (man resolv.conf).
>
> Most modern unix distributions come with BIND 9, and just require
> you to enable them somewhere like /etc/rc or /etc/sysconfig.
>
> Anyone running tor should consider doing this, as you'll be making
> name resolution almost an order of magnitude faster; in addition to
> not having to trust nameservers configured to lie by a marketing
> department.
>
> If you're running Windows; well, good luck.
>
> matto
>
> On Mon, 4 Sep 2006, Jay Goodman Tamboli wrote:
>
>> I'm currently running a Tor node (phrenograph) on an Earthlink DSL
>> connection, and they've recently started returning a "help" site's
>> IP instead of NXDOMAIN when a DNS lookup is requested for a
>> nonexistent site. See [1] for more. Should I be concerned about
>> this change's effect on the Tor network, since presumably DNS
>> lookups I do are no longer perfect? If it does have a detrimental
>> effect, is there a way to block DNS lookups in my exit policy?
>>
>> /jgt
>>
>> 1. http://slashdot.org/article.pl?sid=06/09/03/1359221
>> --
>> http://tamboli.cx/
>> PGP Key ID: 0x7F2AC862B511029F
>>
>
>
> --matt@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx<darwin><
>   Moral indignation is a technique to endow the idiot with dignity.
>                                                 - Marshall McLuhan
>
>
>

- --
Frivolous lawsuits. Unlawful government seizures. It's a scary world
out there!
Protect your privacy, keep what you earn, and even earn more income at:
http://www.KeepYourAssets.net/?andrew

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE/JhAgwZR2XMkZmQRAsyLAKCdx3NODJNMw2gDew2uuBvW8zV48wCfXZRf
UyW2WUAYmmROby973sMn0ss=
=dgs7
-----END PGP SIGNATURE-----