[tor-dev] Requesting feedback on TorDNSd v1.1
Zaher F.
the_one_man_85 at hotmail.com
Tue Aug 2 11:46:01 UTC 2011
how i can confirm that all dns traffic are going through tor proxy after running tordsn????
thx
Date: Tue, 26 Jul 2011 23:43:41 +0000
From: m8rovpdyd at gmail.com
To: tor-dev at lists.torproject.org
Subject: Re: [tor-dev] Requesting feedback on TorDNSd v1.1
Hello,
+ Currently, when a query fails, it'll use the next configured DNS server and reattempt to query on that one.
Nothing special is done at the moment, but I'm open for suggestions.
+ A possible issue I see is that retrying a(n invalid) query on all possible domains may give a delay since it'll attempt to query all configured dns servers.
+ If I had to add additional DNS servers, I'd add in the OpenDNS servers.
I'd like to add that one of the other nice features of TorDNSd are the filters : An internet connection not leaking out any DNS requests could look suspicious, but using 'filter-direct' rules you could define a couple of 'legal' queries to leak 'on purpose'.
- LETO
On Tue, Jul 26, 2011 at 11:16 PM, intrigeri <intrigeri at boum.org> wrote:
Hi,
LETO wrote (26 Jul 2011 22:45:21 GMT) :
> It can use one or multiple remote dns servers (by default the google
> ones) meaning you can perform all queries (not just 'A' ones)
Ok. I see the point of using ttdnsd-like functionality to supplement
what the Tor DNS resolver is able to achieve itself. See our page
about this issue on the Tails wiki in case you want to understand the
place I'm speaking from:
https://tails.boum.org/todo/support_arbitrary_dns_queries/
I also see the point of not granting one (and maybe a few) company/ies
the power to decide example.com does not exist for TorDNSd (and Tails)
users. Hence my past, present and future questions:
How exactly does TorDNSd deal with multiple remote DNS servers?
What issues could be possibly caused by using multiple remote DNS
recursive servers by default in TorDNSd?
What additional recursive servers would you consider worth adding to
the default TorDNSd configuration?
Bye,
--
intrigeri <intrigeri at boum.org>
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
| Did you exchange a walk on part in the war
| for a lead role in the cage?
_______________________________________________
tor-dev mailing list
tor-dev at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
_______________________________________________
tor-dev mailing list
tor-dev at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20110802/0f0befa9/attachment.htm>
More information about the tor-dev
mailing list