[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: transparent DNS proxy for tor resolution [was: Confused about Tor settings]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

i don't think there is much to proxying dns other than accepting the
request, translating it to a socks4a request and sending it on,
receiving the result, sending back to the client and marking the dns as
a tor-resolved one so tor doesn't flag it as a raw ip address in the logs.

tor does require at least one dns query to start up though doesn't it?
or are the directory servers on ip addresses hard-coded into the tor source?

coderman wrote:
> On 10/3/06, glymr <glymr_darkmoon@xxxxxxx> wrote:
>> ...
>> when is tor going to run a local dns proxy so this dns leak garbage is
>> done away with.
> 
> you may want to look at janusvm ( http://janusvm.peertech.org/ ) which
> uses a PPTP VPN tunnel to force a default route which does transparent
> DNS proxy through dns-proxy-tor on a virtual machine to plug the DNS
> leak.  [note that you may need to alter your DNS settings if your
> local gateway is also the nameserver - see docs for details]
> 
> i don't know that this capacity could be integrated any further into
> tor in a cross-platform / effective manner.  the mapaddress capability
> is a good abstraction point for this in my opinion. [that is, building
> a full DNS resolver into tor would be complex and there exist easy
> ways to integrate mapaddres to your host resolution]
> 
> best regards,

- --
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.5 (GNU/Linux)

mQGiBERj1vMRBACVgg5fJVUARD0cJHm/PzLU3oDoIPlraL1SyjLQcLDQt1mDmfk5
bIsvFYUujcM2j4s072Gufm1/52N27JESvtRc3zlAzCUZ8rHdwT7q5pELALBe+5WN
Ug+iJhejCgeIQpxDy7tlaW0ZMFS8DQcN2mUa+I+Gn1Fv1Vpz9ltniKRoowCgt+6M
2HmK6DpGJpHbi0UE6H6DMi8D/0bXstm6yIc11ldpYK0vLp91+HIyiYcWexS+LY0Q
QYfYKnzoy1TfziLULMBdCItzvw5wsa3nS4EBuRBFZACEB8X6VZTjDY+bt1UP20RY
2yXy9xJ2DMJxwoNRvSTwCcOdCdSJQMeElhh6XzWAxdHASH8orOK9dcB0K4eyh8pX
dQSkA/9u8cgQeIsALNaVkWg+CoL+hEu3fP3BmqyDEQrQlI/j5zaFwjiakP8fwCpm
NOnH6JJwksiNQT/TpRAht5BLIuLUEHtqY/GaCkqE5v0CStDbVEK+ZFPw7ePlAL1J
VIPl9GNkQRR0ScwOIK7s0XP1PpIA0FTq7LrXdWeyUY6QzPiy/7QeZ2x5bXIgPGds
eW1yX2Rhcmttb29uQG1sMS5uZXQ+iGAEExECACAFAkRj1vMCGyMGCwkIBwMCBBUC
CAMEFgIDAQIeAQIXgAAKCRAaQ7PBp6zsm6aOAJ98KrhhH05KtM3HmVUY0ud/W1Db
QgCfcyB2mZuVlWk+NwGRvT5pwdyArXC0IGdseW1yIDxnbHltcl9kYXJrbW9vbkB5
YWhvby5jb20+iGAEExECACAFAkRuMj8CGyMGCwkIBwMCBBUCCAMEFgIDAQIeAQIX
gAAKCRAaQ7PBp6zsm+5+AKCiWMvUd6SoPOFVLf/X4Mc5aucjrwCfRi/61tCSqKkb
qXyFHcAOMmFW8tu5BA0ERGPYGhAQALyvvcNnKI6nfpZTGVwpzVvDho4irlQCvVvt
/wAE8UfTFBuv1HhMtNi3CCTEVaunA8Ezh0F9VM0r/CoaDCNHKHunBe12lyA7lBxi
tEvvr1trLttWlgjpY5oFS8iaEChFLYsBnrDC6gr+SIxOVdobFupHRCqEMsPZEubi
732s0X5B1RMlvGN9lMatumnr8BwAgzMGDi6xwx6Psh3+7Tgfrc/uiwJLbNms2Vkw
eKoVuFG62TpBzD5pNW8+uS9BN+OUlgAeFD3VyG72scbn84NECkN6fyv8l9j9k+gD
+fGcg5a4/RtGC8XTD41RTHBRZ4J5xIeKt1lOPYY4sEsrvrYC6qRklne8mxQ+f9F2
LtxBRFjDYq+yNjpL3+t0GsqzwiDKVsJmamcovGmzbFL9rkocr0X53Y1SmQkwn4Yh
sXZaSFXIht57kgdx8taWKeksexdSBBG9rFBexzshfIaxc3J67zB+SkoUMKU52rH7
d3quCgtOoqYz4LjdDOhaETQNAwJwv6Vha5eb292ZPXLT/wRQ7RzYlPZ3ikonwjuB
slWF6JtEe/J51lgaEPZW6c/Rovt9uekBdpnAkc9zqOml1BfKVvOVq5ESs0C6QtjF
PelSEakrlF9vs71xXHxupkzRqPDIgRQ2mbsLponi7Iuopn25A8VmH0xztMdPKwXn
0GM5YtfDAAMFEACJ33XNxiiyy+o7WLBHRextCEVaE12C7oJdMs1Nom149yZPBhtR
PbpLai8+J2pd8LV17fIYQ+Cg+5fdQyjn6hgTA/0kA7Y3v+SrCXocDKiTkqw+hljW
D+xWkJ96N7JOiidZ+7FqrI3Mn6DJFPcF8WM50LWDogR2C7ik7J/GuBLoLOCXgIXm
gBK0tk6fr1Fn54MJ5UTnMo74EwM/e199agwtdv8C0csJBQkW3HgCpUgYXNQi0SbA
RmC+4Sl38ac6Fbut4Dznsod5om19cq53dnSL/z4lZz8r9nk46j1/NCB9IbNMWZMz
QYKx6kqmOPaUuce8mfPvJmUpkCFUEdATvrJkirSOS2zkdG6tZeXUG2+x+edyZRpB
lyZzczl531y/6SsV5v78g5kIgKewedNGTWXRAqj3A90nUXfGYsy6Vo33Hqhg5Vs3
OczP5mxQUyuRlkPyuLT8/2NU6vppNm/J34RX4bJHK0NqNmp/lA1y267t0Jiv3NHf
1WEICYiXb7kJWKcQSNjFKjUJiOIVfHpIsiiLKd/tOQht5tWXC4zNm1uOhskXcEYh
RlLCbRgcdNdy78fdfNhDlN29Cu20TkJQMnBG92mUyxB+8+yRlsgfsytauJqO0sLv
Vd2WS2wm0C+oPstBRrza+U1VZDyK2BPAbb1RS+var6m46uhu59xHMSKRTYhJBBgR
AgAJBQJEY9gaAhsMAAoJEBpDs8GnrOybfAYAn34P2SFPj4/dcenDocaOCGFa0rbR
AJ4qkvG2Euv7nc1GxfFPK2+MbEuqnw==
=1PSJ
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFI045GkOzwaes7JsRA9k9AKCO11ccpfZX4Zdmoi/7EyiZxtTNHACeNl+9
4ZiLLIZW69nNJFIsA15r2lQ=
=Ur8b
-----END PGP SIGNATURE-----