[tor-relays] Reminder: exit nodes probably shouldn't be using Google's DNS servers

Seth list at sysfu.com
Thu Jan 8 16:55:21 UTC 2015

On Thu, 08 Jan 2015 08:38:35 -0800, Paul Syverson  
<paul.syverson at nrl.navy.mil> wrote:
> The flip side is that, against such an adversary, using a DNS server  
> that supports encryption of
> queries and responses is probably more important than it being local.

I like to chain unbound up to dnscrypt-proxy in order to encrypt DNS  
traffic for this very reason.

dnscrypt-proxy frequently is unable to keep up however, so I currently  
have unbound configured to make queries directly if dnscrypt-proxy is not  

More information about the tor-relays mailing list