--- On Mon, 4/6/09, Scott Bennett <benn...@cs.niu.edu> wrote:

> >>3) Same as (2) but this time I used the following config options in torrc:
> >> 'ServerDNSResolvConfFile C:\Program Files\Tor\resolv.conf' and 'ServerDNSDetectHijacking 0'
> >> With the OpenDNS servers, correctly, listed in the 'resolv.conf' file.
> >
> > You are running tor as a relay, as well as as a client? Your 3) affects
> >only relay operations, of course, not client operations. And, AFAIK, the only
> >relay operations affected are exit services, so unless you're running tor as
> >an exit relay, the stuff you did in 3) should effectively change nothing.

Yes indeed, I'm running tor as both relay and client. When I set my client to not resolve DNS queries using the tor network I get the warning messages. (Which of course are as expected)

> >> My scenario-goal does _still_not_ work because the DNS queries are still seemingly resolved by the tor-exit point.
> >>
> > Correct.
> >
> >>So uhmm....Anyone have any ideas how I can accomplish my scenario-goal?
> >>
> > You haven't mentioned your reason(s) for wanting to do such a thing.
> >I surmise that you do not intend to use tor for anonymity but rather for some
> >other end, such as tunneling through a firewall. tor, however, is designed
> >with the aim of preserving anonymity, so it issues those messages to let the
> >user/operator know that some application *may* be breaking anonymity. If
> >your aim is different from that of tor, you may just have to put up with the
> >messages. Given that the messages are logged to a file, if anywhere, is that
> >a problem? You don't *have* to look at them, after all.

My reason(s) for this scenario is so that:

1) I am able to use custom DNS-Servers for both my client and others that use my exit point, without the warning messages.
2) My, the operator's, custom DNS-Servers can speed up _and_ aid in anonymity by blocking/re-directing certain domain names to other IPs.
Which will, in the case of OpenDNS, return a small HTML with a message telling it's blocked.

Preventing the access to specific domains will, IMHO, improve anonymity for both the relay operator and the client using it as exit point.

I came up with this scenario because I wanted to speed up the user experience _and_ kill the web's tracking behaviors as much as I can.

So I admit I understand that for my scenario to work without the warning messages tor needs an extra config option to allow IP-only requests from custom listed IPs in its torrc file. (fe. localhost/127.0.0.1 for the local client)

I understand that one can use Privoxy for even more advanced filtering, but a simple DNS-based filtering system is more than enough for most of the web-tracking systems IMHO. Besides, this approach will even enable tor to utilize bind+rbl :) It's just IMHO the next step towards _more_ anonymity...

Oh and about the messages and me not needing to look at them: They are logged to stdout and presented in the log-window of Vidalia. The rest of the messages are still important enough to be seen by the operator.