Proper TOR DNS Configuration Testing Help

[Mark Manning]

Hello - I'm just starting to pay attention to this mailing list so forgive
me if this subject has been brought up before.

I'm interested in setting up a [or using an existing] service that could
test for a proper DNS configuration [among other things].  The goal being
that a person could visit a web page to confirm that their DNS queries were
being forwarded through the TOR network and not using a local DNS server.

HD Moore of the Metasploit project has had some interesting success with his
Decloak research project
[link]<http://www.metasploit.com/research/misc/decloak/>which as I
understand it, uses a custom DNS server and a special web page to
force a client to resolve a special domain name where the server can
correlate the lookup name to the IP that is making the request and thereby
determining whether or not their DNS queries are coming from a TOR exit
node.

My question is has anyone had any experience with this subject they would
like to share?  Specifically with existing services out there or any ideas
for implementing such a service.

The final goal for my humble project is to come up with an ubiquitous
testing page that could report with relative certainty that a user's
environment is configured properly for anonymity or not and do so without
assuming any specific client-side capabilities [ie Javascript, java,
cookies, etc].  My hang up right now is finding the best way to test that
DNS queries are going out over the TOR network.

Again, I apologize if this is a silly question but I appreciate any
feedback.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20071229/b56cc7a6/attachment.htm>