[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: How to strictly exclude exit nodes?



4 and 5 hop circuits can be created when contacting or publishing
hidden services and, I believe, sometimes when retrieving directory
information. Many nodes run directories on port 443, so that's not
particularly unusual.

For the thread as a whole, I still think the problem is that this exit
node is being *explicitly* requested (www.google.com.blabla.exit), and
that it would never be chosen automatically by tor itself, as I stated
in my first message. StrictExitNodes is an irrelevant setting.

- John Brooks

On Sat, Sep 27, 2008 at 7:55 AM, Anon Mus
<my.green.lantern@xxxxxxxxxxxxxx> wrote:
> Li-Hui Zhou wrote:
>>
>> On Fri, 26 Sep 2008 11:12:09 +0200
>> Martin Balvers <m.balvers@xxxxxxxxxx> wrote:
>>
>>
>>>
>>> Li-Hui Zhou wrote:
>>>
>>>
>>>>
>>>> On Thu, 25 Sep 2008 18:19:24 -0700
>>>> "F. Fox" <kitsune.or@xxxxxxxxx> wrote:
>>>>
>>>>
>>>>>
>>>>> When choosing nodes to *use* exclusively, this line has to be added, in
>>>>> addition to the ExitNodes line:
>>>>>
>>>>> StrictExitNodes 1
>>>>>
>>>>>
>>>>
>>>> There's no such options right now.
>>>>
>>>>
>>>>
>>>
>>> There is, see http://www.torproject.org/tor-manual.html.en for details.
>>>
>>
>> If it's StrictExitNodes option that your're talking, I think it only
>> applied when there's specific exit nodes with option ExitNodes. I'm not
>> sure if it's working with blacklist set by ExcludeNodes or
>> ExcludeExitNodes.
>>
>> BTW, there's a warn with StrictExitNodes 1
>>
>> [warn] StrictExitNodes set, but no ExitNodes listed.
>>
>>
>>
>
> I was using Tor stable install (v0.2.0.30 (r15956)) & Vidalia 0.1.8
> on win2k and ExcludeNodes does not appear to work.
>
> (or-talk "TOR v0.2.0.30 (r15956) - ExcludeNodes appears to fail" August 25th
> 2008)
>
> Maybe the problem is related.
>
> Curiously, I have also seen three instances 4 hops circuits and a single
> instance of a 5 hop circuit built, according to vidalia's connection map.
> Also all 4 circuits had a a curious IP address target with a UID:443 port
> exit node, when I was not requesting any traffic!
>
> Not sure quite what to make of it.
>
> Am I trojaned, with a special version of TOR, that does 4 and 5 hop circuits
> when it dials home?
>
>
> -K-
>