[tor-talk] DNS hijacking
Chuck Peters
cp at axs.org
Sun Apr 5 17:10:19 UTC 2015
Philipp Winter said:
> On Fri, Apr 03, 2015 at 10:15:42PM -0000, throwaway123 at sigaint.org wrote:
> > It will only happen when using Tor. I did a "normal" DNS dig and a
> > tor-resolve simultaneously - the first pointing to the real IP, the latter
> > pointing to said server.
>
> What is the "real" IP address? All exit relays that are currently
> online resolve your domain to 185.53.179.29.
How did you determine the resolution of all exits?
How many of the resolvers support DNSSEC?
$ host sigaint.org
sigaint.org has address 185.10.58.250
sigaint.org mail is handled by 5 mx2.sigaint.org.
sigaint.org mail is handled by 5 mx1.sigaint.org.
root at box:/etc/ssh# cat /etc/resolv.conf
domain members.linode.com
search members.linode.com
nameserver 207.192.69.5
nameserver 97.107.133.4
nameserver 207.192.69.4
options rotate
$ host 185.53.179.29
Host 29.179.53.185.in-addr.arpa. not found: 3(NXDOMAIN)
I would like to select DNS resolvers that support DNSSEC. Can an end user (TBB perhaps) select a specific DNS resolver or a set of resolvers?
Chuck
More information about the tor-talk
mailing list