[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]


On Sat, 18 Mar 2006, Watson Ladd wrote:

> We can protect TCP connections, right? So applications should be modified to
> use TCP connections for DNS

No.  The application should be modified to do socks4a or socks5 with
hostnames.  Tor will then resolve the hostname on the other side when
making a connection.  Using TCP for DNS isn't really the answer.  For
starters to which DNS server do you go, and secondly it introduces extra
latency for no good reason.  The latter is also the reason why that dns
server called TorDNS is not really a good idea.

> That will anonymize DNS.  We also could have Tor itself do this for the DNS
> queries.

Tor already does dns queries.
 PGP signed and encrypted  |  .''`.  ** Debian GNU/Linux **
    messages preferred.    | : :' :      The  universal
                           | `. `'      Operating System
 http://www.palfrader.org/ |   `-    http://www.debian.org/