Tsocks and DNS

Nick Mathewson nickm at freehaven.net
Wed Jan 2 21:41:32 UTC 2008

On Sat, Dec 29, 2007 at 07:54:28PM -0500, Ringo Kamens wrote:
> I have a question regarding tsocks. According to
> http://wiki.noreply.org/noreply/TheOnionRouter/TorifyHOWTO#DNSNote, tsocks
> leaks DNS requests and it suggests I either use tor-resolve or apply the
> patch at http://www.totalinfosecurity.com/patches/tor.php?. Does the tsocks
> version in the Ubuntu repositories still have this problem (for instance,
> when I do an apt-get install tor it automatically installs torify and
> tsocks)? Would you suggest using the patch?

I just read through the patch, but I haven't tried it out yet.  If I'm
understanding it right, it extends tsocks so that in addition to
replacing connect() as usual, it also replaces gethostbyname(),
getaddrinfo(), and so on with versions that use Tor's resolve
facilities.  It doesn't support reverse lookups.

There are some weird bits to the code: the authors seem to be unaware
of AutomapHostsOnResolve -- or maybe they didn't want to rely on
having it turned on.  In any case, they duplicate its functionality in
something they call a "deadpool."

They don't say what license their code is distributed under.

Honestly, I'd test it out and see whether it works with any given
application.  For some applications, this approach will work; for
some, it won't.

You might also want to try recent alpha Tors' DNSPort feature; if you
can get an application to use Tor as your resolver, you can be very
sure indeed that no data is being leaked.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 652 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20080102/80160839/attachment.pgp>

More information about the tor-talk mailing list