On Mar 18, 2006, at 8:05 AM, Peter Palfrader wrote:

On Sat, 18 Mar 2006, Watson Ladd wrote:

We can protect TCP connections, right? So applications should be modified to
use TCP connections for DNS

No. The application should be modified to do socks4a or socks5 with
hostnames. Tor will then resolve the hostname on the other side when
making a connection. Using TCP for DNS isn't really the answer. For
starters to which DNS server do you go, and secondly it introduces extra
latency for no good reason. The latter is also the reason why that dns
server called TorDNS is not really a good idea.

I think what he's after is not an application, but the redirection and/or proxying of DNS requests en masse. For example, let's say you'd implement this functionality where your router is, that way it would ensure there are no DNS leaks, as well as provide DNS caching service for the whole family, in addition to Tor and possibly other proxies.

That will anonymize DNS. We also could have Tor itself do this for the DNS

Tor already does dns queries.

-- 
PGP signed and encrypted  |  .''`.  ** Debian GNU/Linux **
   messages preferred.    | : :' :      The universal
                          | `. `'      Operating System
http://www.palfrader.org/ |   `-    http://www.debian.org/
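
Added example, not part of the original thread: the "socks4a or socks5 with hostnames" request described above, next to the request a client sends when it has already resolved the name locally, with a check that tells the two apart. The function names, `example.com` and `192.0.2.10` are constructed for illustration; for SOCKS5 the bytes shown are the CONNECT request that follows method negotiation.

```python
import ipaddress
import struct

# Hypothetical helper names; byte layouts follow RFC 1928 (SOCKS5) and the SOCKS4a extension.

def socks5_connect(host: str, port: int) -> bytes:
    """SOCKS5 CONNECT with ATYP=0x03: the hostname is sent to the proxy unresolved."""
    name = host.encode("idna")
    if not 1 <= len(name) <= 255:
        raise ValueError("hostname must be 1..255 bytes")
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack(">H", port)

def socks4a_connect(host: str, port: int, user_id: bytes = b"") -> bytes:
    """SOCKS4a CONNECT: the invalid address 0.0.0.1 signals that a hostname follows."""
    name = host.encode("idna")
    if not name:
        raise ValueError("empty hostname")
    return (b"\x04\x01" + struct.pack(">H", port) + b"\x00\x00\x00\x01"
            + user_id + b"\x00" + name + b"\x00")

def classify(request: bytes) -> str:
    """'hostname' = proxy resolves the name; 'ip' = client already resolved it locally."""
    if len(request) >= 5 and request[0] == 5:
        atyp = request[3]
        if atyp == 0x03:
            return "hostname"
        if atyp in (0x01, 0x04):
            return "ip"
        raise ValueError(f"unknown SOCKS5 address type {atyp:#x}")
    if len(request) >= 9 and request[0] == 4:
        a = request[4:8]
        return "hostname" if a[:3] == b"\x00\x00\x00" and a[3] != 0 else "ip"
    raise ValueError("not a SOCKS4/4a/5 request")

# Constructed samples: what a client sends after resolving the name itself first.
RESOLVED = ipaddress.ip_address("192.0.2.10").packed
LEAKY_SOCKS5 = b"\x05\x01\x00\x01" + RESOLVED + struct.pack(">H", 80)
LEAKY_SOCKS4 = b"\x04\x01" + struct.pack(">H", 80) + RESOLVED + b"\x00"

if __name__ == "__main__":
    for label, req in [("socks5 + hostname", socks5_connect("example.com", 80)),
                       ("socks4a", socks4a_connect("example.com", 80)),
                       ("socks5 + IPv4", LEAKY_SOCKS5),
                       ("plain socks4", LEAKY_SOCKS4)]:
        print(f"{label:18} -> {classify(req)}")
```

An "ip" result means the lookup happened before the proxy ever saw the request, which is the DNS leak the thread is discussing.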