[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Duplicating Tor's DNS requests



On Sat, 26 Mar 2016, grarpamp wrote:

> On 3/26/16, parazyd <parazyd@xxxxxxxx> wrote:
> > I'm wondering about duplicating Tor's DNS requests (like, when browsing
> > a clearnet website) to another place on my machine.
> >
> > Basically, I'm running dnscap and with iptables or something similar, I
> > would like to copy the DNS requests so dnscap can see them, but the
> > important part is that the copied requests do not get through.
> 
> dnscap / iptables expects dns protocol, not parsing hostname
> resolves out of socks5 protocol on localhost bpf. You need
> other tool for that.
> Your browser pushes hostnames through tor's socks5 interface,
> so tor would need feature to block them internally instead of
> sending them out over tor, then you couldn't browse anything.
> If you don't want anything leaving but tor, block all and only
> leave path to tor's socks5 port on another box / vm... aka: whonix.
> 
> You probably want to read / comment / contribute to
> DNS portion of this ticket...
> 
> # Combine setevents circ and stream
> https://trac.torproject.org/projects/tor/ticket/11179

Pretty interesting. I'll see what I can do.
Anyway, I would let both clear and Tor traffic out, I just wish to log
Tor's hostname/DNS requests and it seems a tad difficult so far.

Attachment: signature.asc
Description: Digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk