Is this a Tor exit node connecting to me?
Pei Hanru
peihanru at gmail.com
Sun Mar 25 10:20:10 UTC 2007
On 2007-3-25 2:32 CST(UTC+8), Joseph B. Kowalski wrote:
> So anyways, I have implemented a Tor DNSBL server interface. The
> address of the DNSBL is "tor.dnsbl.nighteffect.us".
Cool!
> Here are some details on how to use it:
>
> ==============================================
>
> The DNSBL server responds to two different types of 'A' record
> queries:
>
> 1) The first type is to simply provide an answer as to whether a
> given IP is an active Tor server or not. So, assuming the DNSBL
> domain name is 'tor.dnsbl.nighteffect.us', and you want to check if
> IP '1.2.3.4' is a Tor server, you would send the following 'A'
> record query:
>
> 4.3.2.1.tor.dnsbl.nighteffect.us
>
> Note that the octets of the IP address have been reversed, like a
> PTR record, only this is an 'A' request.
>
> If '1.2.3.4' is an active Tor server, the DNSBL server will respond
> with a '127.0.0.2' 'A' record. If '1.2.3.4' is NOT an active Tor
> server, the DNSBL server will respond with a 'Non-Existent Domain
> (NXDOMAIN)' error.
A small issue. When I query the DNSBL server for my slow, middleman only
(reject *:*) server, it returns 127.0.0.2. Is it a good idea to include
non-exit Tor servers in this list?
Hanru
More information about the tor-talk
mailing list