[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: transparent forced dns-'proxy' on Exit-Node - is it ok?



On Wednesday 10 January 2007 04:12, Peter Palfrader wrote:
> On Tue, 09 Jan 2007, herfel@xxxxxxx wrote:
> > Hello,
> >
> > for reasons that are not relevant to the question, my tor-node
> > 'cannot' function as an exit-node. However I was thinking that it
> > would be possible for me, to use iptables to force-route all
> > outgoing dns-requests from the tor-IP to my local dns-server
>
> Don't.
>
> Just do not exit to port 53, so nobody will try to tunnel their DNS
> requests over Tor through you - tho I doubt many, if any, do this.

I always thought that since Tor only uses the TCP protocol and DNS uses 
UDP, Tor will not tunnel any DNS requests. No matter wether you exit to 
port 53 or not.

-- 
Gompie <gompie.tor@xxxxxxx>