[tor-relays] Reminder: exit nodes probably shouldn't be using Google's DNS servers
Steve Snyder
swsnyder at snydernet.net
Thu Feb 25 17:09:57 UTC 2016
I assume you mean the name resolutions. Yes, the resolutions are cached.
The history of queries is tracked implicitly by the resolver. I've set mine to no more than 10 queries per second, so the 11th query from the same IP address to the same TLD would be rejected.
On Thursday, February 25, 2016 11:09am, "Elrippo" <elrippo at elrippoisland.net> said:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Are you caching the DNS queries?
>
> Am 25. Februar 2016 13:47:04 MEZ, schrieb Steve Snyder <swsnyder at snydernet.net>:
>>The OpenNIC servers may not be appropriate for use by a high-speed Tor
>>exit relay.
>>
>>I run an OpenNIC DNS server, and my VPS vendor insisted that I
>>rate-limit the server to avoid it being used as a DDOS vector. I'm
>>guessing that this is not an uncommon position to take for public DNS
>>servers.
>>
>>The OpenNIC servers you select for use may be perfectly fine for your
>>level of use but don't assume it is automatically true.
>>
>>
>>On 02/24/2016 10:49 PM, Tristan wrote:
>>> They are default for Pulse Servers.
>>>
>>> Anyway, thanks elrippo for that link to the Open NIC Project! I've
>>added
>>> their DNS servers to my exit relay, and I no longer see any log
>>errors
>>> about failing nameservers!
>>_______________________________________________
>>tor-relays mailing list
>>tor-relays at lists.torproject.org
>>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
> - --
> We don't bubble you, we don't spoof you ;)
> Keep your data encrypted!
> Log you soon,
> your Admin
> elrippo at elrippoisland.net
>
> Encrypted messages are welcome.
> 0x84DF1F7E6AE03644
>
> - -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: GnuPG v1.4.11 (GNU/Linux)
>
> mQINBFH797MBEAC0Y0NeI7lmDR9szTEcWuHuRe0r/WjSRC0Nr5nXsghuMcxpJ3Dd
> BOBimi4hdMMK4iqPVMwNw6GpKYR3A9LHHjbYRXHUKrJmB+BaJVyzJXN5H6XvxTTb
> UfX+DaXAGJW/G+3cBB3qm/QaU8QGkBKfXq0DLTaTGPkGKxEAldj/8onGZhawdJs+
> B92JrW+S2HDh15pIuXzSqe7eCcIOdvvwfWe0fJi2AraA7LYGpxP6GcC/b9JJpbq5
> Y6DfE2Aun9ZK3iHqURyrms0Whbv1CgmUahL2MVYCsTsXwe0GwlAxxKvjXAiXuo+R
> 9wO5wsXvVVSVNqsk9Yqi+wYzdPKndTU0GyxSApQHroF+cxaZ8Lk0xloj18+LdCSs
> e5IiTSXH0MMsDdWWdHlrgk+bgDG+0Gu3ne4vMwGdKO7AhYgQW/ueMy4RnkG/nsV9
> jry5BO4gGAI1Ij8KvqUzEnvJFGE3ptJogU+zazWWDUWmL3ecKb3aDRlJFnZ3kJ5h
> q8GolZVjpk99V+4B5WVRPXdej/p5J19tXycK/jdNmr4oC8NyUhIpe8xHELnfoB4z
> +rxiTx+KMnW0rY8EQg8O2ixEYt5my90IwQkxcxIxextVrqjJjYn8extc2/v8yGzI
> KmTEJxdADB5v/Jx4HiLHNDSfBUb8gfONCkNSTYvTcSwTjWzHOkXeE/9ZbQARAQAB
> tD5lbHJpcHBvIChrZWVwIHlvdXIgZGF0YSBlbmNyeXB0ZWQpIDxlbHJpcHBvQGVs
> cmlwcG9pc2xhbmQubmV0PokCOAQTAQIAIgUCUfv3swIbLwYLCQgHAwIGFQgCCQoL
> BBYCAwECHgECF4AACgkQhN8ffmrgNkT8+BAAoAXBqu4/O2Cs5FSWWZpzgScNEgq7
> uHhOKeYmRfgKlOUPoYlPB1DBqdOAXSKb9OvsmyOvpoGnqijB7aAJBoyQYW/OCQgd
> U8L4eTCf4yRZnfFLdgskcPfN1p0Rs/yinGEooBJFtYa7mT6J0UTW2JjCLZK2AFCW
> oF+KBu5JICXGBXigb2ZbX1jWjxP5H1RidQw6HF5z4z34SjLWAOOeZ8B/Xfz6Fs0s
> IAuLu2O4HE4DI8Qu196LhSVHHgr3uMTkvN1t5nKwyjrRQztwXXk9qIomII3ydNYb
> BYAGdWNNMfLb1kmDwC5wQHAFvSP1aiMF3aKAY+gl2wXSGO6JqM0SteJS3dytIljI
> kzu0atc9HuGs/HDQgdmpAS4WU2YefEr/WieltSiAKlwuC+3wg+CONJ6TE1vgNDU/
> axerttb0jq7UQb/nAp05bsrB7XH1Vs+1ON9lUPEfWRmwQcrVK5JUrUWa/4tA/UeM
> XvFcPFtFluGTlLewgJIqcvjPXFwpbDZprXJsMkwew/A6B6n3+0sbgf7p3QSGkVbi
> dwQAymTbHdYqLnbcnKZhjto3Wjw1J5QB2wuiRYlpjV3i7AWTGlqoSTOWCCV+HamQ
> qeFYNYAWNFx3+J/oi7xDi8t9bHVNA205equ+y2sj3G5uGJ6LSHQ8AXp9uOipUUvU
> 1MJN0yLXr9PIwvi5Ag0EUfv3swEQAL0+MnxHGrTjSYdfdua4SBpmytDONM1EngeY
> s+WyaC/760MughKbaysI/nK2LB1vnwEY7f3NM4fxBx8u2T7VBm6Ez6Fs23Bb8Rkz
> f97bPSdxCmg64GPHfLA9uwTIXcYS+MpI86WOf6eWY0rRpf7Y9Nl7YoUNvzOyUPqc
> ggdcnHce8zYv7A/WS8flZDm8tVFPsHrQDEwNMws7ZhiNnHkeZeRJrvCuB7oEVich
> O/ROYoA5o6NozWYQbjxe1f6Yur4Q10qgVcxVnyLFJSbg6vZSzL7KYh3Z5iBOzPHt
> 7cwEDrW8W4Kl2Qj8rhJ4Wxs94CAtua7IXK44sVZWQbyHcOXRikgGMZKkEZzVCQa5
> KD1u1ZrcBCyuMAir0hsmS3jhCUwpiE2c3SRk8O8CgixhTcBk0X/k9ZFu3Hbi1JMB
> FLzs/Nq3tYAYvVivhPloSxmYBPsafYHCZM83yBNNsralXh5zjB+di90G+AMXt2PN
> LTcdovZuWtC0s8/jrx+zv/AA4FAGYU9OVl+YL9ybFX8gSdMEcixyzQcKfiFBjpWv
> 5iFrwIuDlaXMcheyrhc9aGOxfx44OXc505+VjO/1Q/8EOWlJ6UwOi6GMkj5T+RFJ
> MDyP0UixS7dt6wTuD5t6PRuyWWxZswgrbL9hjwGFr154Z19TWeNWc23pWtUvQJos
> UCxl2nFHABEBAAGJBD4EGAECAAkFAlH797MCGy4CKQkQhN8ffmrgNkTBXSAEGQEC
> AAYFAlH797MACgkQJEPd69lQ0evA+Q/+M7lSFlrQWiRsFqDjh+kTJc+0OEBCvnfo
> N2KPyXXbfc//qup55PfEygE6C60zvrlv3WE33GZ5GS5MLuDMP82b+a5Yt16NQU7L
> WtAg1g0S0BvazW+28TgnfO8bhbGaFeE9ccw3xLmlbwZQ3f3LtMKdwFIROiG6hvAs
> 9U54QYti3tv9DowRYYWpdr0Ga8RqeGNtCKc0v2opy51MpzKWjwUW0i3XlSlyY8Lj
> 1KT8PyznNPw32nYpmDizz+0OUJNnn/kT+GnFoR3DJnFosTOrnxFJp+N+nejMp/gW
> r9NM0/E7H+P53IiytBOt5/0vsOaCFGdYGhKEjmJi3dHS4Xk1ObD1mjdD1YDOlWWU
> 3Md6BDHd4W7Q8gT7oQfTIMLd3HzV+WNPIdocPLBaeA/tRD8Pg5CCmncAmSub4F5T
> An7FlnACtSOv3cIWQ0TymS42DihDaJ5d1RvNzKw+zHYdPvf471JFZR3TDhkPbLIr
> 9czR7kbpnXRwchgwXQn306NVWf37TgA8wpbnFTazZ38iOeqcb9oKprqnbgEdr3PN
> OhKSlMTkzAqf3MEi2Fyua4BADMhS3oBwCRgDTlt6wquEytpNSlZaHnyiyIgOpekF
> Uy5K3w8NhHqeifRPrNb/UcCbXtXz+puqIEZHMenpv6FRlTTKpdoHoVXSkp1TPMGN
> /VaCiLbP4Z3xEw/9EbAJJkhmmx1Qw3ueoqc4h1MmhUtIdxSZ/oA9SjwlnY++zvaZ
> 6w1wTS4P+OUkETNDtItdpxXMJ9qfSy9voAQc2K43WMZCCmpPJYSdqaZZNPFj+Ne8
> 6FNtNKuUkXREybpHwlVAXnHzInmFOOM9RAmF70r3zEmKt77W1ztBLo2o9X79gPgL
> u9ThgrH6Oc2k46n+9nc3joccr7miiX/bp976DNWcWdOYThiSSOCb8Zw9/Zs935i1
> wUVkYTj24tmBH4H5ov9ib7RPmU21ru458RbUKG0ONAqBtAHNyXHzUnXsrke+D4VW
> MI06YcXSk8YeYgQ8GxgHQc+W2bb8LIbKN1hEYJ0wzM62vKR2/Oiwuf8lXutIKTuz
> +v7Vj1PQd66DGHsxtWRaWnr1c54JTL2wICHJYKFH4grp7864+GL/uQ1O/Z/XxVku
> E1JQ/AnwBGU1M1S6otwWGWVRjzEzQtxsfcCEPvV/9td3FIFQAbGTPb+48XFU+TY9
> 8AlcXBlDzXq7c5f8Evn/oSIsZDt63K4HNTmMGqOTl/p1aA0e4eyX76LczY06rDP5
> GMSNs+AHmYgZiS4RYhRUIvS9uLXMnnDAMYst0SDl2orDUUeHBTzu0rchyknBZMGP
> p5wQuWQ9CFlV+dj3UYbrBwC1lTkAMXRG2vlhA0V0TZqos7A5D4VHgSUQQjE=
> =otlL
> - -----END PGP PUBLIC KEY BLOCK-----
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: APG v1.1.1
>
> iQJcBAEBCgBGBQJWzyc/PxxlbHJpcHBvIChrZWVwIHlvdXIgZGF0YSBlbmNyeXB0
> ZWQpIDxlbHJpcHBvQGVscmlwcG9pc2xhbmQubmV0PgAKCRAkQ93r2VDR61NwEAC2
> bVIngcpTcwVBXfZCLmRh0yixDBWOWmA0HLE3U0ow3s2KqPM+QhWr4qtHFcYCTvOR
> yWBrNXXFD6T5SwKGJdUr9NvBzz4Vw+jCC+pTHdzOaXZJ3cVp0JUudjV+jHykSptO
> ZAbM60mMTXrT/2fuf6i57j3mMyWiBvPmcqqlcTs+HWLz5pjSXh3FBL+3bYZbNSkf
> LNqYqE6Z0EpdksyCHR+k3JjtcwZqX6cdDQs+YEQdoeMhxQvadr48WAquwyLTr5RF
> ybzKLYeUwwknehwvZHJl5GalyYqLWZcEkqRfvH//bqjJH4cYcHEKg+HLFBevurQE
> tT+BMXx0neTr7HpzeHgrEpBw5REdcEwLBtQMZ5+DlJ+cflz9JiFk9/bc6SqvB1JX
> phxvysQtVSYoANG19tlT+k9q0uJLXZaS7JSBgtxxyuxhSQnQZHRnEkw6jUeHEWkS
> Y8+3o+D152L2K3U+NeDxKc2+dZsSY8vbYvIJLfHp48+F50+XbpI7kwQf6c/bGbMt
> PngJaHEgX4rdas2DyD0SK0gfPBe2X63J7dmE+Rq8X3+9wqx5af0Nk35YuYcGUzkF
> LInjxW2b3zWAnX2PeyNKxiyHP2Z32h8mAP6CRQLYDtc0HsZzqFGus2y4R+JalQXO
> 5DOAv36NfZ1qq1mJF5IjUNzHilaC2iYl1fpcqRQd2g==
> =pcgO
> -----END PGP SIGNATURE-----
>
>
More information about the tor-relays
mailing list