
Re: ff 1.5.0.7 & 2.0 (remote) dns leaks when using tor



Thus spake lester psigal (lesterpsigal@xxxxxxxx):

> hi there,
> i've got a setup for anonymous browsing using firefox 1.5.0.7 and
> lately ff 2 with privoxy and tor (vidalia bundle 0.0.7) on windows xp sp2.
> the ff configuration option 'network.proxy.socks_remote_dns' is set to
> true, the setting 'network.proxy.failover_timeout' is set to 50000 and
> the 'network.proxy.socks_version' is set to 5 but the ethereal logs show
> that firefox is still leaking dns requests, i.e. ff still does the
> lookups itself and does not delegate them to the proxy (which is not
> quite true: the dns requests are always delegated to the proxy and
> _sometimes_ to the local dns client too).
> to make it worse the leaks are occurring randomly (sometimes the remote
> dns works and sometimes not), so i'm guessing that it is a timeout issue.
> does ff fall back to local dns lookup when a remote lookup request is not
> answered in a timely manner or is it a failure with the os dns client or
> even a ff bug?
> what else could be done to prevent ff from dns leaking?
> 
> any hints or suggestions would be very nice as it does not make any
> sense to me to operate a quite complex and complicated system for
> anonymous browsing when tracking of dns requests is all
> a profiling facility has to do...
> 
> thanks
> 
> p.s. i've already posted the same message to the mozillazine ff
> general forum without getting an answer

Well, just so you don't feel that everyone is ignoring you, I'll voice
most of our reactions: *shock*, *eyes popping*. Whoops, time to turn
privoxy back on (use HTTP proxy port 8118 and don't list anything in
the SOCKS line).

Were you able to determine exactly what network.proxy.failover_timeout
governed? Was it just DNS? Did it have any effect at all on the
behavior? Perhaps the units are milliseconds. Sometimes Tor takes as
long as a minute to build a new circuit...

It would be logical if either 0 or -1 meant infinite. Did you try
those?

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs
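
One way to check a capture for the leak discussed in this thread, as an added example that is not part of either message: it decodes UDP port 53 payloads and reports every query name sent to a non-loopback resolver. The packet tuples, addresses and helper names are constructed for illustration; pulling the tuples out of a real capture is assumed to happen elsewhere.

```python
import ipaddress
import struct

def parse_dns_query(payload):
    """Return the queried name if payload is a DNS query, else None."""
    if len(payload) < 12:                      # shorter than a DNS header
        return None
    _txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if flags & 0x8000 or qdcount < 1:          # QR bit set means a response
        return None
    labels, pos = [], 12
    while True:
        if pos >= len(payload):                # name runs off the packet
            return None
        length = payload[pos]
        pos += 1
        if length == 0:                        # root label ends the name
            return ".".join(labels)
        if length > 63 or pos + length > len(payload):
            return None                        # pointer or truncated label
        labels.append(payload[pos:pos + length].decode("ascii", "replace"))
        pos += length

def find_dns_leaks(packets):
    """packets: (dst_ip, dst_port, udp_payload). Return [(resolver, name)]."""
    leaks = []
    for dst, dport, payload in packets:
        if dport != 53 or ipaddress.ip_address(dst).is_loopback:
            continue                           # not DNS, or never left the host
        name = parse_dns_query(payload)
        if name is not None:
            leaks.append((dst, name))
    return leaks

def build_query(name, flags=0x0100):
    """Build a minimal A-record query, used only to make sample data."""
    header = struct.pack("!HHHHHH", 0x1234, flags, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

# Constructed sample packets (documentation addresses, not from the thread).
SAMPLE = [
    ("192.0.2.53", 53, build_query("example.com")),    # query to outside resolver
    ("127.0.0.1", 8118, b"GET http://example.com/"),   # request to local Privoxy
    ("127.0.0.1", 53, build_query("example.org")),     # loopback destination
]

if __name__ == "__main__":
    print(find_dns_leaks(SAMPLE))
```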