[tor-bugs] #12582 [Ooni]: Add support for detecting the DNS resolver used by a probe
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jul 9 12:32:27 UTC 2014
#12582: Add support for detecting the DNS resolver used by a probe
-------------------------+-------------------------
Reporter: hellais | Owner: hellais
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Ooni | Version:
Keywords: | Actual Points:
Parent ID: | Points:
-------------------------+-------------------------
Currently when running the dns_consistency test if no resolvers are
specified we attempt to read it from /etc/resolv.conf. Sometimes what is
found inside of resolv.conf is the actual address of a DNS resolver, but
it may be something in the local network.
To understand where censorship is actually happening it would be ideal to
know the address of the true resolver that is being used. This can be
achieved by delegating a subdomain of ooni.nu to a nameserver that is
controlled by us. This way every time a DNS query for
<RANDOM_STRING>.<SUBDOMAIN>.ooni.nu is done we will see a query to our
nameserver.
This nameserver will simply return to every A query the IP address that
issued the request. A test helper for this has already been implemented:
https://github.com/TheTorProject/ooni-
backend/blob/master/oonib/testhelpers/dns_helpers.py#L26.
What needs to be done is added support to ooni-probe for performing this
lookup and using the data in the report.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12582>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list