eliminating bogus port 43 exits

Dominik Schaefer schaedpq2 at gmx.de
Sat Jun 13 08:46:26 UTC 2009

On 12.06.09 09:29, Scott Bennett wrote:
> This apparent fact, in turn, suggests that if a) all tor nodes with an
> explicit exit policy were to restrict port 443 exits to just the legitimate
> port 43 IP addresses and b) the tor default exit policy did the same, a
> huge and illegitimate load would be lifted from the tor network overall. If
> no relays offer exits to port 43 that don't go to the NICs' whois servers,
> well over half of all tor exits, which are illegitimate and undeserving of
> service in the first place, ...
My comment is very basic and related to one somebody else already made, but
IMHO it should not vanish in the discussion:
What definition of 'illegitimate' do you use? Even if traffic to some port 43
is not a request for a whois server, why should that be illegitimate?
Transferring specific data to/from specific ports is (thanks <divine being of
choice>) not compulsory. Many Tor nodes operate the OR port on 80 or 443, but
clearly don't transfer HTTP traffic. Does that make it illegitimate traffic?
And if yes: does everyone operating a whois server would have to register
somewhere, so that the Tor developers/operators can include its IP into the
(default) exit policy?

There may be people using port 43 for something 'illegitimate' (depending on
definition), but you cannot deduce this from that the fact that a large
percentage of your port 43 traffic is not addressed to one of 43 IP addresses.
Of course, everyone is free to restrict his Tor node as he likes, but calling
for a default restriction is IMHO not justified without more information.

Have a nice weekend,

More information about the tor-talk mailing list