[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] HOW-TO: Simple DNS resolver for tor exit operators
On 12/09/2017 20:25, Ralph Seichter wrote:
> I'm not certain what you consider a "DNS attack".
>
> Many exit node operators run a caching DNS resolver on their exits,
> which is easily done. Lacking that, you can use the resolvers run by
> your ISP, who can monitor all outbound traffic anyway, as I mentioned.
>
An attacker can try to find what websites a Tor user has visited, by
comparing :
- the timing of Tor user home connection traffic and
- the timing of DNS queries happening on DNS servers controlled by the attacker
On this webpage, the author talks about "correlation" attack :
https://nakedsecurity.sophos.com/2016/10/05/unmasking-tor-users-with-dns/
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays