Bad Tor exit servers

From LinuxReviews
Jump to navigationJump to search

Bad Tor exit servers are servers run by evil persons who want to make money using Tor and/or collect passwords.

Redirecting traffic..[edit]

Exit servers can redirect you traffic to advertisement landing pages. These Tor servers are known to play this evil trick:

ExcludeNodes whistlersmother

How to spot evil exit nodes[edit]

  • Tor will log circuits used at loglevel info or higher (loglevel debug).
  • You can also view currently open circuits by telneting to Tor's controlport (default 9051) and enter 'getinfo circuit-status'
  • The best way to see what circuits are used is to run Vidalia or Tork.

The only known evil redirecting exit as of now (to my knowledge) is "whistlersmother" - who redirects domains to one of those typical expired-and-bought domain-landing pages with only advertisements. This server will apend /frame(longstringhere) to all domains you try to visit using that exit.

This problem may, sadly, grow in time, so you may want to find out how to spot misbehaving Tor-exits and help keep lists like this up-to-date.

How to try[edit]

You can choose exit node used on a site by adding exitnodename.exit to the URL, as in:

http://whitehouse.gov.whistlersmother.exit/

exits from whistlersmother,

http://whitehouse.gov.veronika.exit/

exits from this server.


Tor

Discontinued (outdated) Tor GUIs: