[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor with ttdnsd and unbound



On 04/29/2012 03:49 PM, Tom wrote:
> On 29 April 2012 12:53, anonym <anonym@xxxxxxxxxxx> wrote:
> 
>>
>> So, you have to switch from using Google's DNS (which blocks Tor
>> nowadays) to OpenDNS or whatever DNS server you trust. You'll still be
>> unable to do multiple DNS requests at a time, though.
>>
>>
>  Yes, you are right! So for now I'm scraping the ttdns+unbound idea, at
> least until ttdnsd won't be fixed or, until (hopefully!) Tor won implement
> it's own DNS tools [1].
> Is there any other way to reliably resolve DNS queries through Tor?

I wrote a HOWTO for DNS/DNSSEC over Tor with unbound+socat (IMHO if you're using
unbound, drop ttdnsd altogether):

https://labs.nic.cz/page/993/dnssec-validation-over-tor--linux-/

Click 'English' on top of the page if you get Czech version (it takes language
preferences from headers sent by browser; Referer sending must enabled in
browser in order the language switch to work).

I'm also working now on DNS/DNSSEC as Tor hidden service over TLS, I'll post the
HOWTO in couple of days.


> [1] https://lists.torproject.org/pipermail/tor-dev/2012-March/003341.html

The above proposal/implementation will take a while to finish, I've run into
some technical quirks that need to be resolved (in order to have it working
reasonably fast and not shoot yourself in foot with some stupid design/coding
mistake).

That's also the reason I decided to try the "DNS as hidden service over TLS"
approach.

Ondrej
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk