On 04/29/2012 03:49 PM, Tom wrote: > On 29 April 2012 12:53, anonym <[email protected]> wrote: > >> >> So, you have to switch from using Google's DNS (which blocks Tor >> nowadays) to OpenDNS or whatever DNS server you trust. You'll still be >> unable to do multiple DNS requests at a time, though. >> >> > Yes, you are right! So for now I'm scraping the ttdns+unbound idea, at > least until ttdnsd won't be fixed or, until (hopefully!) Tor won implement > it's own DNS tools [1]. > Is there any other way to reliably resolve DNS queries through Tor?
I wrote a HOWTO for DNS/DNSSEC over Tor with unbound+socat (IMHO if you're using unbound, drop ttdnsd altogether): https://labs.nic.cz/page/993/dnssec-validation-over-tor--linux-/ Click 'English' on top of the page if you get Czech version (it takes language preferences from headers sent by browser; Referer sending must enabled in browser in order the language switch to work). I'm also working now on DNS/DNSSEC as Tor hidden service over TLS, I'll post the HOWTO in couple of days. > [1] https://lists.torproject.org/pipermail/tor-dev/2012-March/003341.html The above proposal/implementation will take a while to finish, I've run into some technical quirks that need to be resolved (in order to have it working reasonably fast and not shoot yourself in foot with some stupid design/coding mistake). That's also the reason I decided to try the "DNS as hidden service over TLS" approach. Ondrej _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
