Nmap Development mailing list archives

Re: [NSE] New script dns-blacklist


From: David Fifield <david () bamsoftware com>
Date: Sat, 7 Jan 2012 19:05:24 -0800

On Mon, Jan 02, 2012 at 11:31:09AM +0000, Duarte Silva wrote:
> Hi Patrik,
>
> I added two new DNSBL providers, one for TOR nodes [1]
>
> [1] https://www.dan.me.uk/dnsbl

For Tor, let's see if we can use the Tor Project's exit list directly,
rather than some third party that is just querying them anyway.

https://www.torproject.org/projects/tordnsel.html

The main difference is that whether an address can be considered an exit
node depends on the address and port you are relaying to, so those are part
of the query. Apparently TorDNSEL also does active probing to find out
if relays' behavior actually matches their stated exit policy.

Another possibly more efficient way is to download the whole relay list
once, and then compare each target address against the list. This also
has the advantage of not needing to disclose the target's address to the
exit list operator.

https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=74.207.254.18

David Fifield
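
The download-once approach from the message above, as an added example (not part of the original message and not Nmap's code): the list is parsed once and every target is compared locally, so no target address goes to the list operator. The list format (one address per line, `#` comments), the sample data and the function names are assumptions.

```python
import ipaddress

# Constructed sample of a downloaded exit list. Assumed format: one address
# per line, '#' starts a comment. All addresses are documentation ranges.
SAMPLE_EXIT_LIST = """\
# Constructed sample, not real exit data
192.0.2.10
198.51.100.77

203.0.113.5
not-an-address
2001:db8::1
"""


def parse_exit_list(text):
    """Return (set of parsed addresses, list of lines that failed to parse)."""
    exits, rejected = set(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not line:
            continue
        try:
            # Parsing normalises the textual form, so "2001:0db8::1" and
            # "2001:db8::1" end up as the same set member.
            exits.add(ipaddress.ip_address(line))
        except ValueError:
            rejected.append(raw)  # keep for review, do not fail the whole list
    return exits, rejected


def check_targets(targets, exits):
    """Map each target to True/False, or None when it is not an IP address."""
    results = {}
    for target in targets:
        try:
            results[target] = ipaddress.ip_address(target) in exits
        except ValueError:
            results[target] = None  # hostname or garbage: resolve it first
    return results


if __name__ == "__main__":
    exits, rejected = parse_exit_list(SAMPLE_EXIT_LIST)
    targets = ["192.0.2.10", "192.0.2.11", "2001:0db8::1", "example.org"]
    for target, hit in check_targets(targets, exits).items():
        print(target, hit)
    print("unparsed lines:", rejected)
```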