DNS

Peter Palfrader peter at palfrader.org
Sat Mar 18 13:05:17 UTC 2006


On Sat, 18 Mar 2006, Watson Ladd wrote:

> We can protect TCP connections, right? So applications should be modified to
> use TCP connections for DNS

No.  The application should be modified to do socks4a or socks5 with
hostnames.  Tor will then resolve the hostname on the other side when
making a connection.  Using TCP for DNS isn't really the answer.  For
starters to which DNS server do you go, and secondly it introduces extra
latency for no good reason.  The latter is also the reason why that dns
server called TorDNS is not really a good idea.

> That will anonymize DNS.  We also could have Tor itself do this for the DNS
> queries.

Tor already does dns queries.
-- 
 PGP signed and encrypted  |  .''`.  ** Debian GNU/Linux **
    messages preferred.    | : :' :      The  universal
                           | `. `'      Operating System
 http://www.palfrader.org/ |   `-    http://www.debian.org/



More information about the tor-talk mailing list