[tor-relays] DNS Server
Dmitrii Tcvetkov
demfloro at demfloro.ru
Wed Jan 23 14:54:34 UTC 2019
On Wed, 23 Jan 2019 11:23:50 +0100
dns1983 at riseup.net wrote:
> Of course. But, as far as I know, you can host multiple domains to
> the same ip. So, in such case, if you only know the ip you can't tell
> what domain I visit.
>
If your adversary is able to catch your packets, then he's able to see
packet headers, like source and destination IP addresses, also he can
see content of the packets. Although modern HTTPS traffic is encrypted,
but the very start of the TLS handshake isn't, so such adversary can see
domain (SNI[1] field in ClientHello[2]) to which you connect to.
[1] https://en.wikipedia.org/wiki/Server_Name_Indication
[2] https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_handshake
More information about the tor-relays
mailing list