Exit node blocking site?
Michael Holstein
michael.holstein at csuohio.edu
Sun Feb 19 21:28:33 UTC 2006
There are several sites that do sendmail-style DNS RBL'ing of TOR .. one
(which I found sort of accidentilly) is AHBL.org. TOR ops also publish a
python script which will extract all the IPs of exit nodes as well.
I actually block access to groups.google.com and groups.l.google.com by
putting them as 127.0.0.2 in /etc/hosts -- but I noticed that TOR is
smart enough to notice that the address will resolve to an IP prohibited
by the exitpolicy, and not even try.
As for BitTorrent, the TOR box is behind our campus Packeteer, so while
someone might think that they'll get advertised rate, they'll really
only dribble out at 64kbps. Same with any other P2P app that tries to be
sneaky by using another port.
Keep in mind TOR is not so you can "research" illegal software, and that
suggesting you're doing so makes you an easy target -- you expose
yourself to liability by suggesting you use (or host) TOR to allow
people to do illegal things.
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
PS: you can control the exit node by appending [nodename].exit to the
DNS name you attempt to resolve .. eg: www.foo.com.serifos.exit would
make it exit via 'serifos', and if that node dosen't allow it, you'll
get an error in your client.
M wrote:
> I was unable to go to http://piratebay.org when exit node was 70.230.73.20.
> All I got was an error, "Connection: close". Everything else was working
> fine.
>
> After couple of browser reload tries I restarted my Tor client, exit node
> changed and I was able to open the site in question.
>
> I dont think it's right that exit nodes censor stuff, of course I
> understand
> that some exit node operators feel like it's necessary. Well ok, I think
> that it's ok to censor CP.
>
> No, I was not seeking any illegal warez, I was doing hmmmm... Research! :P
>
> Well to be honest, I was looking one pre-release which I'm _really_
> going to
> buy when it gets to stores. Didn't find it, oh the waiting... I'm not a fan
> of "warezing" some little bands albums... If I really like it I will buy it
> except if album has some shitty "copy protection".
>
> Well, thats my 2 cents =)
>
> M
>
More information about the tor-talk
mailing list