Thus spake Mike Perry (mikeperry@xxxxxxxxxx):
> Thus spake Gregory Maxwell (gmaxwell@xxxxxxxxx):
> > As far as that exit policy goes, the RFC1918 blocks might be there in
> > an ignorant attempt to trigger the exit flag for completely benign
> > reasons, though sniffing sounds more likely.
>
> I agree. We already have scripts to detect this, we just have not yet
> decided to actually use them yet. I believe we should.
>
> Currently, 5 nodes exit to *only* plaintext ports for web and email.
> There are about 50 others that exit to the plaintext versions for web
> or email.
>
> I believe we hould ban these 5 immediately, and consider banning the
> other 50 after issuing the appropriate announcements.
Sorry, the 5 are:
NOTICE[Sat Jan 29 20:56:43 2011]:Nodes allowing plaintext but not secure:
ElzaTorServer=009E71AED2C5580E942AC1743D1C440C5B2C459E
QuantumSevero=4BF2F90E6E1905E2FB4F371E471422150D722A93
gatereloaded=550CC9724FA77C7F9260B93989D22A70654D3B92
oompaloompa=775DF6B8CF3FB0150A594F6E2B5CB1E0AC45D09B
oompaloompa2=BABBF0694251E5AFF7BF3A0A02EFDC12CB99B05F
--
Mike Perry
Mad Computer Scientist
fscked.org evil labs
Attachment:
pgpIJsgxiR3IA.pgp
Description: PGP signature