Bad Tor exit servers
Bad Tor exit servers are servers run by evil persons who want to make money using Tor and/or collect passwords.
Exit servers can redirect you traffic to advertisement landing pages. These Tor servers are known to play this evil trick:
How to spot evil exit nodes
- Tor will log circuits used at loglevel info or higher (loglevel debug).
- You can also view currently open circuits by telneting to Tor's controlport (default 9051) and enter 'getinfo circuit-status'
- The best way to see what circuits are used is to run Vidalia or Tork.
The only known evil redirecting exit as of now (to my knowledge) is "whistlersmother" - who redirects domains to one of those typical expired-and-bought domain-landing pages with only advertisements. This server will apend /frame(longstringhere) to all domains you try to visit using that exit.
This problem may, sadly, grow in time, so you may want to find out how to spot misbehaving Tor-exits and help keep lists like this up-to-date.
How to try
You can choose exit node used on a site by adding exitnodename.exit to the URL, as in:
exits from whistlersmother,
exits from this server.
Discontinued (outdated) Tor GUIs: