[tor-relays] About running an Exit node

kzhm at mailtor.net kzhm at mailtor.net
Thu May 8 23:51:45 UTC 2014


> 1. How can I know if there is a client specifying me as an exit node and
> the traffic is sent from the client to me directly (where my exit node is
> the first node and also the last node for the client)?
> 2. If I found some clients trying to do something bad by using the method
> mentioned in 1., how can I stop them? Can iptables or anything else help
> me to block such clients?

The other replies seem to be a bit confused.

The tor client selects the relays for the circuit himself. If somebody wants to
use your exit node they don't need to connect directly to it and pretend to be
a relay, they could build a circuit that would exit via your exit node. They
would even stay anonymous, due to tor.

You don't need to hack the tor source for that, you can specify the exit node
via the .exit notation. It's a feature.

Even if it wasn't a feature, there's nothing that can be done to prevent it,
since we can't know if you got randomly or directly selected to be the exit
node.

Anyway, I agree with you, somebody could increase the complaints you have to
answer that way. I asked myself the same question recently. If you know
somebody will do this to your exit, use another identity to run your exit or
don't allow exits and run a relay instead. Running a relay is fun, too.

tl;dr: It's possible and easy to do it, but I don't think it's unlikely
somebody randomly selects you to do that.




