Wanted: Brave, hacker, exit node operator

ADB firefox-gen at walala.org
Thu Sep 1 17:44:57 UTC 2005


If my exit node was still at home and not here behind this university 
firewall, then I'd be all over it ;) In lieu of that, I have an 
idea/question. As far as I know, Tor doesn't do any kind of DNS name 
caching when operating as an exit-node. What do you think of crypted, 
in-RAM DNS look-up caching? The utility of this feature would be 
twofold. First, there would be slightly better performance. Secondly, 
and more importantly, you'd have less DNS look-ups over time, meaning 
that it would be just that much harder for an exit-node sniffer to get 
ideas about usage patterns. This might also have the added bonus of 
relying on the OS's native DNS cache as much, which is assumed to be 
insecure cleartext.

Ciao,
Andrew

Adam Langley wrote:

>It would be cool if someone could test some patches I have for doing
>DNS lookups without fork() workers and using glibc. I'd need:
>  * An exit node operator (because otherwise they don't do DNS lookups)
>  * running Linux
>  * who knows their way around patching CVS trees etc
>
>The patch is at http://www.imperialviolet.org/binary/tor-cvs-eventdns.agl.patch
>and you need to drop the following two files into src/or/:
>http://www.imperialviolet.org/binary/eventdns.c
>http://www.imperialviolet.org/binary/eventdns.h
>
>The patch applies against the CVS tree at the moment. You need to
>rerun autogen.sh afterwards and run ./configure --enable-eventdns.
>
>Run with core limits off and when it crashes email me the bt full
>output from gdb, then switch back to the unpatched binary which you'll
>keep around until I figure out what went wrong ;)
>
>(actually, from using tor-resolve lots it appears to work fine, but
>I'm sure that it still has bugs in).
>
>Also, do email the list if you're testing this patch so there aren't
>too many (if any at all).
>
>Cheers,
>
>AGL
>