[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Library Defeats Tor Followup Addl Info
Yeah ok, thanks for explaining that, I am understanding it now. I think
my problems will be solved once I fix the dns/hosts file bug in Windows
so that it makes dns requests to my internal hosts file first.
But I will take a look at JanusVM also.
On Tue, 16 Oct 2007 20:46:10 +0100, "Robert Hogan"
<robert@xxxxxxxxxxxxxxx> said:
> On Monday 15 October 2007 23:58:37 mark485anderson@xxxxxx wrote:
> <shnip>
> > >
> > > well then explain to me how they can monitor dns traffic if all dns
> > > requests are made within the originating client box and not to any
> > > outside source. maybe all you tor gurus can explain how clients usually
> > > make dns requests through tor and WHY IT IS THAT TOR ALLOWS COMPUTERS TO
> > > LEAK DNS REQUESTS AT ALL???? TOR SOFTWARE SHOULD NOT ALLOW THIS AND
> > > SHOULD FAIL TO WORK IF DNS REQUESTS ARE MADE TO ANY NODE OTHER THAN TOR
> > > THROUGH PRIVOXY. OH THAT'S RIGHT TOR IS "EXPERIMENTAL" AND "NOT FOR
> > > GENERAL USE". FUNNY HOW LONG IT HAS BEEN EXPERIMENTAL. MAYBE THE FAULT
> > > HERE IS WITH TOR, NOT WITH ME OR THE LIBRARY?
> > >
> <shnip>
>
> Whether a dns request gets routed through privoxy (or any other privacy
> proxy
> you use) and then tor depends on the system call the application uses to
> perform the request.
>
> The problem is that some applications perform system calls that by-pass
> their
> own proxy settings. This is more by happenstance than design. It's
> important
> for Tor users to know how to guard against this and even prevent it and
> the
> tor devs have put a lot of work into making it easier for tor's helper
> applications to do so.
>
> It sounds like in your situation some windows equivalent of a kernel
> module is
> hooking system calls like dns requests and doing something funky with
> them,
> the result being that DNS requests that would get routed to Tor on a
> normal
> installation are being forwarded to a big display board in the staff
> common
> room or whatever.
>
> Tor can't manage and inspect your system the way you would like it to.
> Other
> apps have to help it do this. For browsing purposes, on an OS that you
> can't
> control and don't own, the only real solution may be something like
> janusvm
> or a livecd like incognito.
>
> Hope this helps, and apologies if I'm repeating stuff elsewhere in the
> thread
> or have misunderstood your query.
>
>
>
--
mark485anderson@xxxxxx
--
http://www.fastmail.fm - Email service worth paying for. Try it for free