DNS leak check

Thomas Sjögren thomas at northernsecurity.net
Fri Mar 10 18:21:45 UTC 2006


On Fri, Mar 10, 2006 at 12:10:16PM -0600, Agent0013 wrote:
> I was wondering how you check that your DNS requests are not being leaked. I
> have setup tor as a server on my Linux box at home and have just now got
> privoxy running on the same server. I ssh into that server from my computer
> at work and tunnel the connection into privoxy then into tor. Where would I
> look to find the dns request and where it is being routed? How can I make
> sure that privoxy is doing it's job in hiding the dns request. The
> connection I have not looks exactly the same as before I had privoxy
> installed and was just using tor.

If you're seeing this in your logs, DNS requests is being leaked.

[warn] fetch_from_buf_socks(): Your application
(using socks5 on port xxxxxx) is giving Tor only an IP address.
Applications that do DNS resolves themselves may leak information.
Consider using Socks4A (e.g. via privoxy or socat) instead.  For more
information, please see
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS

/Thomas
-- 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20060310/99b25445/attachment.pgp>


More information about the tor-talk mailing list