[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: proxychains DNS leaks stopped



     On Mon, 5 Jan 2009 23:34:56 -0800 "Kyle Williams"
<kyle.kwilliams@xxxxxxxxx> top-posted:
>Interesting...
>I just did a test.  As root I watched udp traffic using "tcpdump -i eth0
>-net -s 65535 udp and host 192.168.XX.XX"
>and didn't see any DNS request when I used "proxychains firefox
>http://check.torproject.org";

     That's right.  You won't see it as UDP because the proxyresolv script
uses the +tcp option on the dig(1) command.
>
>I did see this in the terminal that I launched proxychains from.
>"
>build@Janus-Dev-VM:~$ proxychains firefox http://check.torproject.org
>ProxyChains-3.1 (http://proxychains.sf.net)
>|DNS-request| check.torproject.org
>|S-chain|-<>-127.0.0.1:9050-<><>-4.2.2.2:53-<><>-OK
>|DNS-response| check.torproject.org is 209.237.247.84
>|S-chain|-<>-127.0.0.1:9050-<><>-209.237.247.84:80-<><>-OK
>"
>
>Also worth mentioning, at the end of the default proxychains.conf file is:
>"
># defaults set to "tor"
>socks5     127.0.0.1 9050
>"

     The one that got installed on my system said,

# defaults set to "tor"
socks4         127.0.0.1 9050

which I changed to the way you have it.
>
>Perhaps the author did have Tor in mind?
>When I ran firefox without proxychains, I then say DNS request with tcpdump,
>as expected.
>
>Hrm....I think it's working.  If I'm wrong, could someone point out the flaw
>in my testing method?

     See above.  Take a good look at the proxyresolv script that is used by
proxychains to resolve names to addresses.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************