transparent forced dns-'proxy' on Exit-Node - is it ok?

Ringo Kamens 2600denver at gmail.com
Tue Jan 9 18:00:00 UTC 2007


I don't know the technicals of DNS but it sounds like a great idea to
me. One of the major problems tor faces (IMHO) is DNS resolution which
isn't perfect.

On 1/9/07, herfel at gmx.net <herfel at gmx.net> wrote:
> Hello,
>
> for reasons that are not relevant to the question, my tor-node 'cannot'
> function as an exit-node. However, I was thinking that it would be possible
> for me to use iptables to force-route all outgoing dns-requests from the
> tor-IP to my local dns-server, who would then make outgoing queries to its
> upstream dns-servers etc. Since we have a fast server and plenty of
> bandwidth and reliable DNS (that do not muck around with things), I think
> this would be helpful (in a small way) for improving DNS-resolution on the
> tor-network.
> However I can see how some people could see this as a negative thing,
> because in cases where tor-users wanted to specifically talk with certain
> DNS-Servers, or wanted to use non-dns udp-traffic on port 53, which for some
> reason happened to look very much like dns-traffic, well, those people would
> be annoyed, because they'd keep getting potentially "wrong" answers,
> possibly in a way that they wouldn't be aware of right away.
>
> Is there a policy on this? If not, I'd be interested in hearing opinions
> (with arguments) about whether you'd find this helpful or hurtful; or
> whether I should just forget about the idea.
>
>
> Thanks and Regards
>
> Herfel


