Re: Protecting exit-nodes by GeoIP based policy
lexi@xxxxxxxxxxxxxxxxxxxxxxxxxxxx (Lexi Pimenidis) writes:
>> A. On client side
> ...
> Relying on the client side doesn't help the exit node operators much.

Yes; the first step still allows malicious clients to get certain exit-nodes
into trouble.
But I guess/hope that most clients are interested in an operational/fast
Tor network and want to protect exit-nodes.

>> B. On (exit-)node side
>>
>> 1. add a new option, e.g. 'JurisdictionPolicy' which accepts country
>> codes and perhaps special values like '%same'. Behavior is similar
>> to the client side option mentioned above
>>
>> 2. Tor protocol/meta data must be changed to transmit this option
> ...
> Maybe later today I might write a small bash-script

Due to the enormous number of rules, it will require more than a bash
script. The Tor protocol must be changed to express such a policy, and
there must be precautions that clients and servers are using the same
GeoIP database. That's nothing which can be done "today" ;)

Or... just a quick idea... what about an RBL-like DNS mapping? E.g.:

1. Somewhere there exists a DNS server which maps '<IP>.something'
   to an IP like '10.0.0.<CODE>' where <CODE> identifies a country
   (e.g. 1...Germany, 2...France...)
2. Tor servers additionally resolve '<IP>.something' and apply the usual
   ExitPolicy, which contains the IP <-> country mapping from above.

This still requires changes in both clients and servers but no protocol
changes.

Problems:

1. A better IP range than 10.0.0.0... must be found
2. DNS lookup must be done in a secure/anonymous way

Enrico
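
A sketch of the lookup-then-ExitPolicy flow from the RBL-like idea above, added here as an example; it is not part of the original message and not Tor code. The zone suffix `geo.example`, the function names, the sample zone data, the simplified port-less rule format and the fail-closed handling of unmapped destinations are all assumptions.

```python
import ipaddress

# Hypothetical zone suffix; the post only says '<IP>.something'.
ZONE = "geo.example"
# Constructed sample zone standing in for the DNS server from step 1.
# Codes 1 (Germany) and 2 (France) follow the post; the keys use
# documentation addresses.
SAMPLE_ZONE = {
    "192.0.2.10.geo.example": "10.0.0.1",
    "198.51.100.7.geo.example": "10.0.0.2",
    "203.0.113.5.geo.example": "127.0.0.1",  # bad answer outside the code range
}
CODE_NET = ipaddress.ip_network("10.0.0.0/24")


def stub_resolve(name):
    """Offline stand-in for a DNS A lookup; None models NXDOMAIN."""
    return SAMPLE_ZONE.get(name)


def country_address(dest_ip, resolve=stub_resolve):
    """Return the 10.0.0.<CODE> pseudo-address for dest_ip, or None."""
    dest = ipaddress.ip_address(dest_ip)  # raises ValueError on non-IP input
    answer = resolve(f"{dest}.{ZONE}")
    if answer is None:
        return None
    addr = ipaddress.ip_address(answer)
    # Discard answers outside the agreed range, and code 0.
    if addr not in CODE_NET or addr == CODE_NET.network_address:
        return None
    return addr


def exit_allowed(dest_ip, policy, resolve=stub_resolve):
    """First-match evaluation of (action, network) rules on the pseudo-address.

    Assumption: a destination without a usable mapping is refused.
    """
    pseudo = country_address(dest_ip, resolve)
    if pseudo is None:
        return False
    for action, net in policy:
        if pseudo in ipaddress.ip_network(net):
            return action == "accept"
    return False


# ExitPolicy-style rules (simplified, no ports): refuse code 1, accept the rest.
POLICY = [("reject", "10.0.0.1/32"), ("accept", "10.0.0.0/24")]
```

A real resolver in place of `stub_resolve` would still have to meet the second problem listed in the message: the lookup itself must be done in a secure/anonymous way.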