[tor-relays] Reminder: exit nodes probably shouldn't be using Google's DNS servers

Libertas libertas at mykolab.com
Thu Jan 8 16:15:19 UTC 2015


On 01/08/2015 10:11 AM, Peter Palfrader wrote:
> ...
> o  remove all nameserver entries in /etc/resolv.conf and add one for the
>    local recursor.  Either manually or use (untested):
>      sed -i -e 's/^nameserver /#&/; $a nameserver 127.0.0.1' /etc/resolv.conf
> o prevent anything else from modifying that file ever again:
>    chattr +i /etc/resolv.conf
> ...

For what it's worth, most *nix OSs have files that are prepended and/or
appended to /etc/resolv.conf, which are the intended way of doing this.
They often come with corresponding man pages, too. OpenBSD has
/etc/resolv.conf.tail, and Ubuntu has base, head, and tail in the
/etc/resolvconf/resolv.conf.d directory.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20150108/294e8c24/attachment.sig>


More information about the tor-relays mailing list