Excluding exit nodes

Aplin, Justin M jmaplin at ufl.edu
Sun Feb 13 16:17:10 UTC 2011


On 2/13/2011 10:19 AM, Tomasz Moskal wrote:
[snip]
> How can someone recognise if an exit node *might* be doing something
> suspicious - like sniffing traffic for passwords? As far as I can tell
> (with my limited knowledge that is!) it's by checking which ports the
> node in question is making available. And if they are not the standard
> ones then it *could* do something nasty - which of course doesn't mean it
> does. Could you clarify this whole "rogue/bad/evil" nodes matter

I think it's worth mentioning that as an end-user you might be focusing 
on the wrong issues here. While there *may* be some nodes (exactly which 
is perpetually unknown) that record unencrypted traffic, it's more 
important to make sure that your private data (such as login 
credentials, text containing your whereabouts, etc) is encrypted 
end-to-end than to worry about excluding every "possibly bad" exit node. 
For example, it's much easier to use the https version of a website 
instead of http to protect a username/password combination than it would 
be to hunt down anyone who might be trying to record your http 
connection (as recording the encrypted https traffic would yield them 
nothing). The same logic applies to other tools as well, for example 
using the encrypted ssh and sftp instead of telnet and ftp, respectively.

See 
https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#CanexitnodeseavesdroponcommunicationsIsntthatbad 
if you haven't already.

To answer your other question, as I understand it, the traditional 
definition of "bad" exit nodes has been ones that manipulate (actually 
change, rather than simply record) data as they pass through the node. 
These nodes are automatically awarded the "BadExit" flag and are not 
used as exits, so the end-user need not worry about them. Exactly 
whether using an asinine exit policy should cause a node to be 
considered malicious has been a point of argument over the last week or 
so here, and relates only to the sniffing of unencrypted traffic. So 
again, make sure to use encrypted protocols wherever possible, and don't 
send any personally-identifiable information when forced to use 
unencrypted protocols, and you should be fine.

Others will be better able to answer the other questions you had. Good 
luck, and stay safe!

~Justin Aplin
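An added example, not from this thread or from Tor's own code: a small Python check for the "asinine exit policy" case discussed above, flagging exits whose policy accepts a plaintext port (http, telnet, ftp as named in the post) while rejecting its encrypted counterpart, and building a torrc ExcludeExitNodes line from the result. The policy lines and fingerprints are constructed samples; the parser only honours wildcard-address rules and treats an unmatched port as rejected (both simplifying assumptions).

```python
import re

# Plaintext ports named in the post, paired with the encrypted replacement
# (http -> https, telnet -> ssh, ftp -> sftp).
PLAINTEXT_TO_ENCRYPTED = {80: 443, 23: 22, 21: 22}

# Tor exit policy lines look like "accept *:80" or "reject 10.0.0.0/8:*".
_RULE = re.compile(r"^(accept|reject)\s+(\S+):(\*|\d+(?:-\d+)?)$")

def parse_policy(lines):
    """Parse exit policy lines into (action, addrspec, low_port, high_port)."""
    rules = []
    for line in lines:
        m = _RULE.match(line.strip())
        if not m:
            raise ValueError(f"unrecognised exit policy line: {line!r}")
        action, addr, ports = m.groups()
        if ports == "*":
            lo, hi = 1, 65535
        elif "-" in ports:
            lo, hi = (int(p) for p in ports.split("-"))
        else:
            lo = hi = int(ports)
        rules.append((action, addr, lo, hi))
    return rules

def port_allowed(rules, port):
    """First matching rule wins, as in Tor. Only wildcard-address rules are
    considered (assumption), and an unmatched port counts as rejected."""
    for action, addr, lo, hi in rules:
        if addr == "*" and lo <= port <= hi:
            return action == "accept"
    return False

def plaintext_only_ports(policy_lines):
    """Plaintext ports this exit accepts while rejecting the encrypted one."""
    rules = parse_policy(policy_lines)
    return sorted(p for p, enc in PLAINTEXT_TO_ENCRYPTED.items()
                  if port_allowed(rules, p) and not port_allowed(rules, enc))

def exclude_line(exits):
    """torrc ExcludeExitNodes line for every exit whose policy is flagged.
    `exits` maps a relay fingerprint to its policy lines."""
    flagged = [fp for fp, pol in exits.items() if plaintext_only_ports(pol)]
    return "ExcludeExitNodes " + ",".join("$" + fp for fp in flagged) if flagged else ""

# Constructed sample data: fingerprints are placeholders, not real relays.
SAMPLE_EXITS = {
    "A" * 40: ["accept *:80", "accept *:443", "accept *:22", "reject *:*"],
    "B" * 40: ["reject *:443", "reject *:22", "accept *:80", "accept *:21-23", "reject *:*"],
}
```

Run `exclude_line(SAMPLE_EXITS)` to see that only the second sample, which allows http, ftp and telnet but blocks https and ssh, ends up in the exclusion line.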
