[tor-dev] Requesting feedback on TorDNSd v1.1

Zaher F. the_one_man_85 at hotmail.com
Tue Aug 2 11:46:01 UTC 2011


how i can confirm that all dns traffic are going through tor proxy after running tordsn????


thx


Date: Tue, 26 Jul 2011 23:43:41 +0000
From: m8rovpdyd at gmail.com
To: tor-dev at lists.torproject.org
Subject: Re: [tor-dev] Requesting feedback on TorDNSd v1.1

Hello,

+ Currently, when a query fails, it'll use the next configured DNS server and reattempt to query on that one. 
Nothing special is done at the moment, but I'm open for suggestions.

+ A possible issue I see is that retrying a(n invalid) query on all possible domains may give a delay since it'll attempt to query all configured dns servers.


+ If I had to add additional DNS servers, I'd add in the OpenDNS servers.

I'd like to add that one of the other nice features of TorDNSd are the filters : An internet connection not leaking out any DNS requests could look suspicious, but using 'filter-direct' rules you could define a couple of 'legal' queries to leak 'on purpose'.


- LETO

On Tue, Jul 26, 2011 at 11:16 PM, intrigeri <intrigeri at boum.org> wrote:

Hi,



LETO wrote (26 Jul 2011 22:45:21 GMT) :

> It can use one or multiple remote dns servers (by default the google

> ones) meaning you can perform all queries (not just 'A' ones)



Ok. I see the point of using ttdnsd-like functionality to supplement

what the Tor DNS resolver is able to achieve itself. See our page

about this issue on the Tails wiki in case you want to understand the

place I'm speaking from:



  https://tails.boum.org/todo/support_arbitrary_dns_queries/



I also see the point of not granting one (and maybe a few) company/ies

the power to decide example.com does not exist for TorDNSd (and Tails)

users. Hence my past, present and future questions:



How exactly does TorDNSd deal with multiple remote DNS servers?



What issues could be possibly caused by using multiple remote DNS

recursive servers by default in TorDNSd?



What additional recursive servers would you consider worth adding to

the default TorDNSd configuration?



Bye,

--

  intrigeri <intrigeri at boum.org>

  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc

  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc

  | Did you exchange a walk on part in the war

  | for a lead role in the cage?

_______________________________________________

tor-dev mailing list

tor-dev at lists.torproject.org

https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev




_______________________________________________
tor-dev mailing list
tor-dev at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20110802/0f0befa9/attachment.htm>


More information about the tor-dev mailing list