[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Why do 40% of Tor exits uses 8.8.8.8 for DNS resolving ?



Thx for this share.

But I'm not sure how Unbound is "speaking" with the roots DNS servers...
Somewhere I've read that DNS queries can be forwarded by a "man in the
middle", and the server operator can't be sure about this :s
An ISP is able to do it with your "private server" hosted behind your
ISP's router...

I see DNSsec to crypt DNS queries from a client to a server, but for
sure it's not possible to use it with roots DNS servers...



16/10/2016 22:02, Tristan :
> TL;DR, if I understand how Tor relays work, Unbound (or any local DNS
> server) should see a request for example.com <http://example.com>
> coming from localhost or 127.0.0.1. It answers the request, stores it
> in cache just in case, rinse and repeat. The machine running the exit
> relay is the one that makes the DNS request, so the only thing you'd
> get from looking at the DNS cache would be a "Top 100 Websites This
> Tor Relay Visits" sort of list.
>
> From what I could find, a DNS cache contains the hostname and its
> associated IP address, nothing more. From what I understand, even if a
> DNS cache saved the source of the request, it should save "127.0.0.1"
> or "localhost" as the source, since exit nodes are the source of the
> request, and simply forward the response back to the client.
>
> I couldn't find anything specific about Unbound, but it seems like
> there isn't a proper way to read the DNS cache anyway unless you can
> somehow decode the binary file. I suppose if you know the specific
> cache file, you could copy it to a different machine with Unbound
> installed, and possibly extract data from that, but this theory
> assumes the cache is saved to the hard drive, and it's probably only
> stored in RAM.

-- 
Petrusko
PubKey EBE23AE5
C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5


Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays