[tor-relays] Fast Exit Node Operators - ISP in US
Seth
list at sysfu.com
Sun Nov 23 18:41:52 UTC 2014
On Sat, 22 Nov 2014 21:48:21 -0800, Chuck Peters <cp at axs.org> wrote:
> I'm not a fan of OpenNIC because they were, and probably still are,
> running open resolvers. That means the servers are wide open to be used
> for reflection attacks, cache poisening and likely numerous other
> attacks. And they didn't support DNSSEC. And if they aren't logging
> anything, how do they stop the attacks?
Was not aware of the open resolver attack vector issues with OpenNIC.
Could they be stopped by rate limiting?
> Does a project exist that supports encryption and pooling the recursive
> queries, and DNSSEC, other than OpenDNS?
Don't know off-hand but maybe DNSchain is worth a look?
http://okturtles.com/
More information about the tor-relays
mailing list