转:Tor Country Codes

http://www.b3rn3d.com/blog/2014/03/05/tor-country-codes/

Tor has the ability to let you choose which exit nodes you’d like to use – either by name, fingerprint, or country code. If you have a trusted list of nodes you’d like to use as a whitelist, you can use that, or if you have a list of nodes on a blacklist, it supports that configuration. But for those of us that are attempting to be someone else, specifically someone from a different country, we can use Tor to not only hide our identity, but make it appear to be from a specific geographic location.

Our example here may be an identity where you want to appear like a Ukrainian dissident — when in reality you’re a soccer Mom from Chicago, IL. By setting up a dedicated machine, with a specific Tor configuration, you can make sure that all of your traffic is routed out of an Ukrainian Exit Node.

TORRC

The configuration is simple, modify your torrc file to add the follwoing line to ensure Tor will only use Ukraine based exit nodes:

Please note that in all of these examples, we must enable StrictNodes. This example will use either Ukraine, Uganda, South Korea, or Ireland as an exit:

Blacklisting

You can also use this as a defensive measure as well. If you’ve believe there is some kind of geo-centric threat in Uganda, you can configure Tor to never use these exit nodes.

You can exclude all node types for a specific country as well – exits, relays, entry, and bridge nodes.

You have the ability to whitelist all node types which is to say you can make sure that your entire Tor circuit only uses a certain country. This is NOT recommended of course. An ideal circuit will cross countries and legal jurisdictions.

The ?? Country

Tor uses Maxmind’s Geo-ip lookup system for this functionality. Some of the versions of their database contain a “??” country code. This is reserved for IPs they either don’t know, or aren’t willing to share. (Tor is making some changes to compensate for this in the future.)

Knowing this can be useful in one of two ways. First, you may think that if you don’t know what country you’re going to be using as a node, then you don’t want to use it. This is probably a legitimate thought without having more information on what causes an IP to have “??”. Second, and more interestingly, some (poorly configured) firewalls will automatically drop connections from certain countries. Admins will say “Screw it, block China. Hacking problem solved!” and ask for a raise. Maxmind is a very popular Geo-ip lookup database and you can imagine that all of the security services built into those fancy enterprise firewalls will most likely be using it if it’s doing geographic lookups. While many of these admins will have policies for how to handle “us”, “cn”, and “de”, I’ve found many have issues with a country code that is “??”. In one case, I’ve found a system that blocks all exit nodes, except those coming from a “??” country. I have not identitied why this mis-configuration occurs, but hopefully someone can leverage this to their advantage.

List of country codes for Tor

发表评论

电子邮件地址不会被公开。 必填项已用*标注