On Sun, Mar 30, 2014 at 10:23:10PM -0400, krishna e bera wrote: > To tries to recognize when random DNS queries are being hijacked by ad > pushers, but i dont think it can tell when specific sites are blocked in > this manner. Would it be possible for Exit Node operators in such an area > to have a switch they can set to reject DNS queries through it but still > accept exit traffic? ServerDNSTestAddresses seems to change the entire exit > policy if specified domains fail.
It certainly won't be straightforward. Clients don't cache dns answers anymore because of various attacks: https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/205-local-dnscache.txt So if you can't do dns resolves, you basically can't connect anywhere for users. See also https://gitweb.torproject.org/tor.git/blob/tor-0.2.4.21:/ChangeLog#l1149 https://trac.torproject.org/projects/tor/ticket/7570 --Roger -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
