Re: List of exit nodes wanted
[EMAIL PROTECTED] (Olaf Selke) writes: you can obtain the list in plain txt format updated every 5 minutes from Tor Network Status sites located in the US http://torstatus.kgprog.com/ip_list_exit.php or the Old Europe http://torstatus.blutmagie.de/ip_list_exit.php Thanks, Olaf. I guess those are supposed to be the same list, with one mirroring the other, but I've spot-checked them this morning and they seem to be out of sync, never quite agreeing with each other. These don't look like official URLs, so if they go dead in a year I guess I'll ask or-talk again. This might be more efficient for my code than the DNSEL, so I might end up using it despite the false positives/negatives. [EMAIL PROTECTED] (coderman) writes: use the Tor DNSEL implementation. it is up to date and easy to integrate: http://wiki.noreply.org/noreply/TheOnionRouter/TorDNSExitList That looks useful, I may write a CPAN module based on that sample code. Plus it looks like an official project, so its URL is more likely to stick around. Thanks! If whoever runs that DNS server is reading this -- my website may be hitting your server a lot (10K times a day). Will that be a problem? At how many hits a day will you get mad at me if I don't run a local cache? :) -- Jamie McCarthy http://mccarthy.vg/ [EMAIL PROTECTED]
Re: List of exit nodes wanted
Jamie McCarthy wrote: These don't look like official URLs, so if they go dead in a year I guess I'll ask or-talk again. This might be more efficient for my code than the DNSEL, so I might end up using it despite the false positives/negatives. Hi there, I'd really like to encourage you to use the DNSEL. I run exitlist.torproject.org and I'd like to encourage you to use it. We created it specifically just for people with the problem you have. You can use a caching name server and you'll have a fast system once you've done an initial lookup. Regards, Jacob Appelbaum
List of exit nodes wanted
Hello, Please forgive me for not doing more thorough research before emailing. I'm not part of the Tor community and not really interested in getting too into it. I'm just looking for some quick advice. I've installed Tor on several machines, fiddled with its config and log files, and read most of the FAQ. I'm looking for a list of Tor exit nodes, so I can block them from posting to my website. What's the easiest way to obtain that list and keep it up-to-date? For a while I was using a public site that presented a webpage listing all Tor nodes, and I screen-scraped it, but the site went dead. Then I switched to another site that later also went dead. If there's an official URL that will stick around, that basically just lists the exit nodes in the cached-routers file that'd be cool. Even better if it could let me specify I'm only concerned about x.y.z.a:80 and it will leave out any exit nodes that forbid connections to me! My current best guess is that I need to install Tor myself and configure it to run, at least periodically, to keep its list of routers up-to-date. Since that list seems to be stored in a text file (cached-routers) I guess I could parse that myself. However, that is less than desirable to me. If anyone's interested, the reasons for that include: 1. I don't want to relay any Tor traffic. I'm not sure of the best way to configure Tor to not relay anything. If I comment out the ORPort I get an error on startup: Failed to parse/validate config: SocksPort, TransPort, NatdPort, and ORPort are all undefined? Quitting Setting BandwidthRate to 0 yields a similar error, and also setting ReachableORAddresses to reject *:*. I know that: ExitPolicy reject *:* makes me not an exit node, but I prefer not to relay _any_ traffic. 2. I'm not sure how to tell from Tor's logs whether I have mistakenly configured it to route traffic. My current test is `lsof -ni|grep tor` which seems klutzy. 3. I'd overblock some exit nodes. I don't have any sample code to determine whether an exit node is already blocking traffic to my site and thus it would be unnecessary to block it on my end. E.g. I see one node blocks x.y.z.0/24:80 which matches my site's IP so I don't need to prevent any connections coming from that node from posting. If the cached-routers file is in a standard data format that I could use some existing code to parse, to generate a list of only those IPs which harbor exit nodes that allow connections to x.y.z.a, please let me know. 4. Firewall issues. 5. I prefer not to leave it running all the time, and I can't tell when its local copy of cached-routers is complete. (Partly for general security reasons, but especially if I can't configure it to not route traffic.) Tor seems to build cached-routers incrementally as remote sites respond one by one, and I don't know of a programmatic way to know when that list is done building. Incidentally (if you're interested), I'm happy to let Tor users read my website, but I choose not to let Tor users post unless they are signed in with one of our accounts, which lets us limit abuse. Since Tor doesn't attempt to block sites like mine from reading its list of nodes (exit and otherwise) https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#WhyBlockable my assumption is there's no problem with making that list as public as possible. -- Jamie McCarthy http://mccarthy.vg/ [EMAIL PROTECTED]
Re: List of exit nodes wanted
On Mon, May 5, 2008 at 9:38 AM, Jamie McCarthy [EMAIL PROTECTED] wrote: ... I'm looking for a list of Tor exit nodes, so I can block them from posting to my website. What's the easiest way to obtain that list and keep it up-to-date? use the Tor DNSEL implementation. it is up to date and easy to integrate: http://wiki.noreply.org/noreply/TheOnionRouter/TorDNSExitList there are code snippets for using the reverse dns lookups in PHP and PERL. best regards,
Re: List of exit nodes wanted
Jamie McCarthy wrote: I'm looking for a list of Tor exit nodes, so I can block them from posting to my website. What's the easiest way to obtain that list and keep it up-to-date? you can obtain the list in plain txt format updated every 5 minutes from Tor Network Status sites located in the US http://torstatus.kgprog.com/ip_list_exit.php or the Old Europe http://torstatus.blutmagie.de/ip_list_exit.php regards, Olaf
Re: List of exit nodes wanted
On Mon, May 5, 2008 at 10:32 AM, Olaf Selke [EMAIL PROTECTED] wrote: ... you can obtain the list in plain txt format updated every 5 minutes ... note that this still entails the other problems mentioned above: nodes which exit from a different IP address than they listen on for OR traffic will be a false negative. nodes that do not provide exit to the poster's server will be a false positive. the Tor DNSEL is the correct solution to the problem described in the original post. (but thank you for the exit node list links; that's a useful service for other reasons...) best regards,