[tor-relays] Reminder: exit nodes probably shouldn't be using Google's DNS servers
Seth
list at sysfu.com
Thu Jan 8 16:55:21 UTC 2015
On Thu, 08 Jan 2015 08:38:35 -0800, Paul Syverson
<paul.syverson at nrl.navy.mil> wrote:
> The flip side is that, against such an adversary, using a DNS server
> that supports encryption of
> queries and responses is probably more important than it being local.
I like to chain unbound up to dnscrypt-proxy in order to encrypt DNS
traffic for this very reason.
dnscrypt-proxy frequently is unable to keep up however, so I currently
have unbound configured to make queries directly if dnscrypt-proxy is not
responding.
More information about the tor-relays
mailing list