[tor-relays] HOW-TO: Simple DNS resolver for tor exit operators
Dennis Emory Hannon
info at backplanedns.org
Sun Aug 6 20:28:46 UTC 2017
https://backplanedns.org/TOR_exit_dns_resolver_howto.htm
I took the liberty in including the S for you.
-Dennis
-----Original Message-----
From: Roman Mamedov [mailto:rm at romanrm.net]
Sent: Sunday, August 06, 2017 4:17 PM
To: Dennis Emory Hannon
Cc: tor-relays at lists.torproject.org
Subject: Re: [tor-relays] HOW-TO: Simple DNS resolver for tor exit operators
On Sun, 6 Aug 2017 16:03:53 -0400
"Dennis Emory Hannon" <info at backplanedns.org> wrote:
> I decided to make a quick starter guide to introduce using a local
> resolver for tor-exit node operators. I'd like to solicit some of your
> feedback on things that should be added or improved upon. Hopefully
> this will be a living document - My goal is to help lower the amount
> of TOR exit relays using 3rd party DNS providers for client DNS
> lookups. While it doesn't address all security concerns, it's a
> necessary step to improving anonymity of TOR's users. Let me know what you
think.
>
> Guide is meant for debian/linux users
> http://backplanedns.org/TOR_exit_dns_resolver_howto.htm
> ...
> in the clearweb are being probably being logged. In this simple
> tutorial ...
Your tutorial is in the clearweb itself, and probably not only being logged,
but also can be MITMed to include all sorts of malicious instructions and/or
rewrite the recommended third party resolver IPs to an attacker-controlled
ones.
Why not use HTTPS for the website? Doubly weird that you want to educate
others on security topics, and then don't follow the best practices
yourself.
--
With respect,
Roman
More information about the tor-relays
mailing list