[tor-relays] DNS Server
dns1983 at riseup.net
dns1983 at riseup.net
Wed Jan 23 15:02:37 UTC 2019
Ok, i understood. So, for my purposes it's not useful to change dns servers. I'll continue to use my ISP DNS servers or those of my virtual server provider.
Thanks
Il 23 gennaio 2019 15:54:34 CET, Dmitrii Tcvetkov <demfloro at demfloro.ru> ha scritto:
>On Wed, 23 Jan 2019 11:23:50 +0100
>dns1983 at riseup.net wrote:
>
>> Of course. But, as far as I know, you can host multiple domains to
>> the same ip. So, in such case, if you only know the ip you can't tell
>> what domain I visit.
>>
>
>If your adversary is able to catch your packets, then he's able to see
>packet headers, like source and destination IP addresses, also he can
>see content of the packets. Although modern HTTPS traffic is encrypted,
>but the very start of the TLS handshake isn't, so such adversary can
>see
>domain (SNI[1] field in ClientHello[2]) to which you connect to.
>
>[1] https://en.wikipedia.org/wiki/Server_Name_Indication
>[2]
>https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_handshake
--
Inviato dal mio dispositivo Android con K-9 Mail. Perdonate la brevità .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20190123/6c508076/attachment.html>
More information about the tor-relays
mailing list