Earthlink's broken DNS affecting Tor nodes?
Andrew Del Vecchio
firefox-gen at walala.org
Mon Sep 4 21:18:56 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Alternatively, you can use OpenDNS's servers. See www.opendns.com.
OpenDNS is very easy (just use their IP addresses), and quite fast. On
the other hand, caching can be fast too, and give you slightly more
security, as you'll be sending less requests, thus making traffic
analysis a tad more labor intensive. Would you concur, Matt?
~Andrew
Matt Ghali wrote:
> yes, it is a bad thing. the easiest thing to do (if you are running
> tor on a unix box) is to install BIND 9 as a caching nameserver, and
> configure your resolver library to use BIND instead of your ISP's
> nameservers (man resolv.conf).
>
> Most modern unix distributions come with BIND 9, and just require
> you to enable them somewhere like /etc/rc or /etc/sysconfig.
>
> Anyone running tor should consider doing this, as you'll be making
> name resolution almost an order of magnitude faster; in addition to
> not having to trust nameservers configured to lie by a marketing
> department.
>
> If you're running Windows; well, good luck.
>
> matto
>
> On Mon, 4 Sep 2006, Jay Goodman Tamboli wrote:
>
>> I'm currently running a Tor node (phrenograph) on an Earthlink DSL
>> connection, and they've recently started returning a "help" site's
>> IP instead of NXDOMAIN when a DNS lookup is requested for a
>> nonexistent site. See [1] for more. Should I be concerned about
>> this change's effect on the Tor network, since presumably DNS
>> lookups I do are no longer perfect? If it does have a detrimental
>> effect, is there a way to block DNS lookups in my exit policy?
>>
>> /jgt
>>
>> 1. http://slashdot.org/article.pl?sid=06/09/03/1359221
>> --
>> http://tamboli.cx/
>> PGP Key ID: 0x7F2AC862B511029F
>>
>
>
> --matt at snark.net------------------------------------------<darwin><
> Moral indignation is a technique to endow the idiot with dignity.
> - Marshall McLuhan
>
>
>
- --
Frivolous lawsuits. Unlawful government seizures. It's a scary world
out there!
Protect your privacy, keep what you earn, and even earn more income at:
http://www.KeepYourAssets.net/?andrew
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE/JhAgwZR2XMkZmQRAsyLAKCdx3NODJNMw2gDew2uuBvW8zV48wCfXZRf
UyW2WUAYmmROby973sMn0ss=
=dgs7
-----END PGP SIGNATURE-----
More information about the tor-talk
mailing list