On 11/17/07, Roger Dingledine <[EMAIL PROTECTED]> wrote: > On Sat, Nov 17, 2007 at 02:29:09AM -0800, s s wrote: > > I recently found some "bad" tor node would redirect http request to a > > pre-configured address such as > > http://218.86.119.72/req.php?str1=xxx&&str2=url > > where xxx is a 18 digit number contain a Unix time stamp and url is > > the original url requested. > > then the host 218.86.119.72 will send back a cookie which named > > 'UniProclove' whose content is also a 18 digit number. > > > > Is it possible to configure tor to isolate such a "bad" tor node? > > or is it possible to configure tor to refuse to connect/relay to > > certain ip addresses? > > Yes, you can exclude the node by nickname (or better, by key fingerprint) > by adding an "ExcludeNodes" line to your torrc file. See the man page > for details. > > But even better, if you tell us which node it is, we'll a) try to contact > the operator to get him to fix it, as it's quite likely to be an innocent > misconfiguration, and b) blacklist it from the directory consensus in > the meantime, so other users won't stumble into it. > I dont know how to find which node did the redirect. Seems that it is difficult to track this node, it only occurs from time to time
Now what i can do is to block browser cookies and/or configure Privoxy to block this kind of urls. > (I've been meaning for a while to come up with some mechanism for users to > report problems they see, while we wait for Mike Perry to get his TorFlow > application more automated. But there are enough false positives that I > don't think we should just say "mail tor-volunteers". I'm not sure what > the best plan should be.) > > Thanks! > --Roger > > Regards,
