[tor-dev] Detecting if a IP address belongs to a Tor Exit node.

Jorge Couchet jorge.couchet at gmail.com
Tue Dec 4 12:25:15 UTC 2012

A FlashProxy (https://crypto.stanford.edu/flashproxy/) is a normal
browser that has a Javascript code in order to act as a Proxy. The
browser acting as a Proxy is contacting a special server (the
"Facilitator" developed in Python) in order to ask for a client and a
Tor relay. In the case that the Facilitator 's answer is positive,
then the FlashProxy is acting as a bridge in order to connect the
client with the Tor relay (i.e. helping the client to connect to the
Tor Network from a country with the known relays censored).

I'm working with the ticket 7549
(https://trac.torproject.org/projects/tor/ticket/7549). The ticket 's
goal is to avoid a "Tor in Tor situation" when a FlashProxy is serving
a client request. This "Tor in Tor situation" could be described as
the FlashProxy being itelsf inside of the Tor Network when is trying
to help a client computer to connect to the Tor Network.

In order to avoid this situation, the goal here is that the
Facilitator is checking if the FlashProxy 's public IP belongs to a
Tor Exit node, if so then the Facilitator is giving a negative answer
to the Proxy. One possible solution for this scenario is that the
Facilitator is running an online lookup that queries a locally running
Tor instance in order to known if a given IP address belongs to a Tor
Exit node or not.

So, the question is: is there any other reasonable way (efficient
-development and execution time- and safe) to see if an IP address
belongs to a Tor Exit node?

Thanks in advance for your help!

More information about the tor-dev mailing list