[tor-relays] HOW-TO: Simple DNS resolver for tor exit operators

jpmvtd261 at laposte.net jpmvtd261 at laposte.net
Tue Sep 12 20:11:23 UTC 2017


My idea is designed to protect the exit node against a DNS attack from the owner of the DNS server, not from the ISP or an attacker monitoring the traffic going in and out of the ISP data center.


On 12/09/2017 19:38, Ralph Seichter wrote:
> On 12.09.17 21:17, jpmvtd261 at laposte.net wrote:
> 
>> My idea is to make more DNS queries than necessary, in order to hide
>> the useful DNS queries among useless DNS queries.
> 
> I'm not sure what you are trying to accomplish. Usually, a DNS query is
> followed by an outbound connection to the returned IP address. Your ISP
> can always monitor these connections from your exit node, no matter what
> additional "query noise" you might introduce.
> 
> This is not fiction. One of my ISPs sends me automated tickets every
> once in a while, about network scans that abuse my exit nodes. Not only
> are connections recorded, they are analysed for patterns.
> 
> -Ralph

