tor with OpenDNS as default DNS, using Firefox+FoxyProxy
Scott Bennett
bennett at cs.niu.edu
Mon Apr 6 18:28:06 UTC 2009
On Mon, 6 Apr 2009 13:00:16 -0500 (CDT) I wrote:
> On Sat, 4 Apr 2009 17:48:45 -0700 (PDT) Tripple Moon
><tripple.moon at yahoo.com> wrote:
>>This is my 1st posting to this list but nevertheless ill start straight away with a question/problem if you all don't mind :)
>>
>>The scenario i want to accomplish is:
>>Using the tor network while DNS queries are resolved using the DNS-servers of OpenDNS without tor complaining with warnings about client supplying only IP-addresses.
>>
>>What i have done sofar is:
>>1) I have setup my firefox to use FoxyProxy to contact tor on my localmachine 127.0.0.1 on its default 9050 port as socks proxy.
>> I have _disabled_ "Use socks proxy for DNS lookups".
>> My scenario-goal works but, this gives the very annoying warning messages, which btw are ofcourse totally to be expected in this case.
>>2) Same as (1) but this time have _enabled_ "Use socks proxy for DNS lookups".
>> My scenario-goal does _not_ work because the DNS queries are resolved by the tor-exit point.
>
> Yes, that is correct. The exit relay is supposed to handle all
>name-to-addresss resolution.
>
>>3) Same as (2) but this time i used the follwing config options in torrc:
>> 'ServerDNSResolvConfFile C:\Program Files\Tor\resolv.conf' and 'ServerDNSDetectHijacking 0'
>> With the OpenDNS servers, correctly, listed in the 'resolv.conf' file.
>
> You are running tor as a relay, as well as as a client? Your 3) affects
>only relay operations, of course, not client operations. And, AFAIK, the only
>relay operations affected are exit services, so unless you're running tor as
>an exit relay, the stuff you did in 3) should effectively change nothing.
I just remembered another place that name resolution is involved, still
only for relays, but not necessarily exit relays. If a hostname+domainname
specification is used on the Address line in torrc, tor will use the resolver
library locally to resolve its own address.
>
>> My scenario-goal does _still_not_ work because the DNS queries are still seemingly resolved by the tor-exit point.
>>
> Correct.
>
>>So uhmm....Anyone have any ideas how i can accomplish my scenario-goal?
>>
> You haven't mentioned your reason(s) for wanting to do such a thing.
>I surmise that you do not intend to use tor for anonymity but rather for some
>other end, such as tunneling through a firewall. tor, however, is designed
>with the aim of preserving anonymity, so it issues those messages to let the
>user/operator know that some application *may* be breaking anonymity. If
>your aim is different from that of tor, you may just have to put up with the
>messages. Given that the messages are logged to a file, if anywhere, is that
>a problem? You don't *have* to look at them, after all.
Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet: bennett at cs.niu.edu *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good *
* objection to the introduction of that bane of all free governments *
* -- a standing army." *
* -- Gov. John Hancock, New York Journal, 28 January 1790 *
**********************************************************************
More information about the tor-talk
mailing list