[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: proxychains DNS leaks stopped
I just did a test. As root I watched udp traffic using "tcpdump -i eth0 -net -s 65535 udp and host 192.168.XX.XX"
and didn't see any DNS request when I used "proxychains firefox http://check.torproject.org"
I did see this in the terminal that I launched proxychains from.
build@Janus-Dev-VM:~$ proxychains firefox http://check.torproject.org
|DNS-response| check.torproject.org is 22.214.171.124
Also worth mentioning, at the end of the default proxychains.conf file is:
# defaults set to "tor"
socks5 127.0.0.1 9050
Perhaps the author did have Tor in mind?
When I ran firefox without proxychains, I then say DNS request with tcpdump, as expected.
Hrm....I think it's working. If I'm wrong, could someone point out the flaw in my testing method?
On Mon, Jan 5, 2009 at 11:25 PM, Roger Dingledine <arma@xxxxxxx>
On Mon, Jan 05, 2009 at 11:11:13PM -0800, Kyle Williams wrote:Socks doesn't have a notion of resolving. It only has a notion of
> Are you saying that the "proxy_dns" option in the proxychains.conf is in
> fact leaking DNS request?from the proxychains.conf file:
> # Proxy DNS requests - no leak for DNS data
> I thought it would resolve against the specified SOCKS 4/5 proxy. Is this
> not happening?
connecting (well, and binding, but we don't use that).
We hacked on our own notion of a 'resolve' socks request:
and I'd be surprised if any other projects use our extension.