Earthlink's broken DNS affecting Tor nodes?
Matt Ghali
matt at snark.net
Mon Sep 4 20:10:10 UTC 2006
yes, it is a bad thing. the easiest thing to do (if you are running
tor on a unix box) is to install BIND 9 as a caching nameserver, and
configure your resolver library to use BIND instead of your ISP's
nameservers (man resolv.conf).
Most modern unix distributions come with BIND 9, and just require
you to enable them somewhere like /etc/rc or /etc/sysconfig.
Anyone running tor should consider doing this, as you'll be making
name resolution almost an order of magnitude faster; in addition to
not having to trust nameservers configured to lie by a marketing
department.
If you're running Windows; well, good luck.
matto
On Mon, 4 Sep 2006, Jay Goodman Tamboli wrote:
> I'm currently running a Tor node (phrenograph) on an Earthlink DSL connection,
> and they've recently started returning a "help" site's IP instead of NXDOMAIN
> when a DNS lookup is requested for a nonexistent site. See [1] for more.
> Should I be concerned about this change's effect on the Tor network, since
> presumably DNS lookups I do are no longer perfect? If it does have a
> detrimental effect, is there a way to block DNS lookups in my exit policy?
>
> /jgt
>
> 1. http://slashdot.org/article.pl?sid=06/09/03/1359221
> --
> http://tamboli.cx/
> PGP Key ID: 0x7F2AC862B511029F
>
--matt at snark.net------------------------------------------<darwin><
Moral indignation is a technique to endow the idiot with dignity.
- Marshall McLuhan
More information about the tor-talk
mailing list