[tor-relays] Email suggesting to send DNS requests to a specific open DNS

Tyler Johnson tylrcjhnsn at gmail.com
Tue Sep 12 16:24:21 UTC 2017


This guy sure is persistent!

Check out this recent thread:
https://lists.torproject.org/pipermail/tor-relays/2017-September/012934.html



On Sep 12, 2017 11:17, <jpmvtd261 at laposte.net> wrote:

> Hello,
>
> Recently, I installed a new Tor exit node. A few days later, I received an
> email on the address given in the node contact information. This email
> suggests to change the DNS server my node use, and gives me a specific IP
> address to use.
>
> Here is the mail (obfuscated with sharps) :
>
> EMAIL BEGIN
> ***********************************
> * Sender : info AT backplanedns DOT org
> * Subject : Your TOR node
> * Body :
> **
> ** Hello,
> **
> ** I came across your TOR relay on atlas. I run a few relays myself
> ** along with a bunch of DNS resolvers which are a part of the Open
> ** Root Server network (ORSN.org) - aimed to fight internet
> ** censorship and circumvent government surveillance programs
> ** (ie. prism).
> **
> ** I hope you may be interested in using our anonymous open DNS
> ** resolvers on your relays.
> **
> ** https://BackplaneDNS.org
> **
> ** Resolver - 172.98.193.4#
> **
> ** Resolver - 162.248.241.9#
> **
> ** ------------------------------------------------------
> **
> ** Hostmaster@:
> ** Mr. D##### E#### H#####
> **
> ** Phone:
> ** +1 (###) ###-####
> **
> ** E-Mail:
> ** info AT backplanedns DOT org
> ** abuse DOT backplanedns DOT org
> **
> ** Linkedin:
> ** http://linkedin.com/in/d####-######-#########/
> ***********************************
> EMAIL END
>
> I think it could be an attack. If this person send this email to every new
> exit node operators, there may be a small percentage of rookie operators
> who will make the change. I found this webpage about Tor exit nodes and DNS
> :
> https://nakedsecurity.sophos.com/2016/10/05/unmasking-tor-users-with-dns/
>
> What do you think about this email ?
>
>
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20170912/df188087/attachment.html>


More information about the tor-relays mailing list