[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] DNS hijacking



Philipp Winter said:
> On Fri, Apr 03, 2015 at 10:15:42PM -0000, throwaway123@xxxxxxxxxxx wrote:
> > It will only happen when using Tor. I did a "normal" DNS dig and a
> > tor-resolve simultaneously - the first pointing to the real IP, the latter
> > pointing to said server.
> 
> What is the "real" IP address?  All exit relays that are currently
> online resolve your domain to 185.53.179.29.

How did you determine the resolution of all exits?  

How many of the resolvers support DNSSEC?

$ host sigaint.org
sigaint.org has address 185.10.58.250
sigaint.org mail is handled by 5 mx2.sigaint.org.
sigaint.org mail is handled by 5 mx1.sigaint.org.
root@box:/etc/ssh# cat /etc/resolv.conf 
domain members.linode.com
search members.linode.com
nameserver 207.192.69.5
nameserver 97.107.133.4
nameserver 207.192.69.4
options rotate

$ host 185.53.179.29
Host 29.179.53.185.in-addr.arpa. not found: 3(NXDOMAIN)


I would like to select DNS resolvers that support DNSSEC.  Can an end user (TBB perhaps) select a specific DNS resolver or a set of resolvers?



Chuck
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk