<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style>
</head>
<body class='hmmessage'><div dir='ltr'>
how i can confirm that all dns traffic are going through tor proxy after running tordsn????<BR><br><BR>thx<br><BR><br><div><hr id="stopSpelling">Date: Tue, 26 Jul 2011 23:43:41 +0000<br>From: m8rovpdyd@gmail.com<br>To: tor-dev@lists.torproject.org<br>Subject: Re: [tor-dev] Requesting feedback on TorDNSd v1.1<br><br>Hello,<br><br>+ Currently, when a query fails, it'll use the next configured DNS server and reattempt to query on that one.
Nothing special is done at the moment, but I'm open for suggestions.<br><br>+ A possible issue I see is that retrying a(n invalid) query on all possible domains may give a delay since it'll attempt to query all configured dns servers.<br>
<br>+ If I had to add additional DNS servers, I'd add in the OpenDNS servers.<br><br>I'd like to add that one of the other nice features of TorDNSd are the filters : An internet connection not leaking out any DNS requests could look suspicious, but using 'filter-direct' rules you could define a couple of 'legal' queries to leak 'on purpose'.<br>
<br>- LETO<br><br><div class="ecxgmail_quote">On Tue, Jul 26, 2011 at 11:16 PM, intrigeri <span dir="ltr"><<a href="mailto:intrigeri@boum.org">intrigeri@boum.org</a>></span> wrote:<br><blockquote class="ecxgmail_quote" style="padding-left:1ex">
Hi,<br>
<br>
LETO wrote (26 Jul 2011 22:45:21 GMT) :<br>
<div class="ecxim">> It can use one or multiple remote dns servers (by default the google<br>
> ones) meaning you can perform all queries (not just 'A' ones)<br>
<br>
</div>Ok. I see the point of using ttdnsd-like functionality to supplement<br>
what the Tor DNS resolver is able to achieve itself. See our page<br>
about this issue on the Tails wiki in case you want to understand the<br>
place I'm speaking from:<br>
<br>
<a href="https://tails.boum.org/todo/support_arbitrary_dns_queries/" target="_blank">https://tails.boum.org/todo/support_arbitrary_dns_queries/</a><br>
<br>
I also see the point of not granting one (and maybe a few) company/ies<br>
the power to decide <a href="http://example.com" target="_blank">example.com</a> does not exist for TorDNSd (and Tails)<br>
users. Hence my past, present and future questions:<br>
<br>
How exactly does TorDNSd deal with multiple remote DNS servers?<br>
<br>
What issues could be possibly caused by using multiple remote DNS<br>
recursive servers by default in TorDNSd?<br>
<br>
What additional recursive servers would you consider worth adding to<br>
the default TorDNSd configuration?<br>
<div class="ecxim"><br>
Bye,<br>
--<br>
intrigeri <<a href="mailto:intrigeri@boum.org">intrigeri@boum.org</a>><br>
| GnuPG key @ <a href="https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc" target="_blank">https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc</a><br>
| OTR fingerprint @ <a href="https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc" target="_blank">https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc</a><br>
</div> | Did you exchange a walk on part in the war<br>
| for a lead role in the cage?<br>
<div><div class="h5">_______________________________________________<br>
tor-dev mailing list<br>
<a href="mailto:tor-dev@lists.torproject.org">tor-dev@lists.torproject.org</a><br>
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev</a><br>
</div></div></blockquote></div><br>
<br>_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev</div> </div></body>
</html>