Re: Tsocks and DNS
Thanks for the response. It sounds like torify and tsocks may not be the best solution. Are there any other good *nix applications/workarounds that people have been using? Comrade Ringo Kamens On Jan 2, 2008 4:52 PM, Nick Mathewson <[EMAIL PROTECTED]> wrote: > On Wed, Jan 02, 2008 at 04:41:32PM -0500, Nick Mathewson wrote: > [...] > > They don't say what license their code is distributed under. > > I spoke too soon. tsocks is under GPLv2, and they distribute a > patched tsocks with the license in place. > > Honestly, I don't want to make it sound like there's anything wrong > with this code; DNS APIs a royal pain in the neck to implement, and > DNS logic is a pit of nasty exception cases and things you were > assumed to know. > > -- > Nick > > >
Re: Tsocks and DNS
On Wed, Jan 02, 2008 at 04:41:32PM -0500, Nick Mathewson wrote: [...] > They don't say what license their code is distributed under. I spoke too soon. tsocks is under GPLv2, and they distribute a patched tsocks with the license in place. Honestly, I don't want to make it sound like there's anything wrong with this code; DNS APIs a royal pain in the neck to implement, and DNS logic is a pit of nasty exception cases and things you were assumed to know. -- Nick pgpBs1Lm9NRSB.pgp Description: PGP signature
Re: Tsocks and DNS
On Sat, Dec 29, 2007 at 07:54:28PM -0500, Ringo Kamens wrote: > I have a question regarding tsocks. According to > http://wiki.noreply.org/noreply/TheOnionRouter/TorifyHOWTO#DNSNote, tsocks > leaks DNS requests and it suggests I either use tor-resolve or apply the > patch at http://www.totalinfosecurity.com/patches/tor.php?. Does the tsocks > version in the Ubuntu repositories still have this problem (for instance, > when I do an apt-get install tor it automatically installs torify and > tsocks)? Would you suggest using the patch? I just read through the patch, but I haven't tried it out yet. If I'm understanding it right, it extends tsocks so that in addition to replacing connect() as usual, it also replaces gethostbyname(), getaddrinfo(), and so on with versions that use Tor's resolve facilities. It doesn't support reverse lookups. There are some weird bits to the code: the authors seem to be unaware of AutomapHostsOnResolve -- or maybe they didn't want to rely on having it turned on. In any case, they duplicate its functionality in something they call a "deadpool." They don't say what license their code is distributed under. Honestly, I'd test it out and see whether it works with any given application. For some applications, this approach will work; for some, it won't. You might also want to try recent alpha Tors' DNSPort feature; if you can get an application to use Tor as your resolver, you can be very sure indeed that no data is being leaked. yrs, -- Nick pgpV0jLZ5HxBQ.pgp Description: PGP signature
Tsocks and DNS
I have a question regarding tsocks. According to http://wiki.noreply.org/noreply/TheOnionRouter/TorifyHOWTO#DNSNote, tsocks leaks DNS requests and it suggests I either use tor-resolve or apply the patch at http://www.totalinfosecurity.com/patches/tor.php?. Does the tsocks version in the Ubuntu repositories still have this problem (for instance, when I do an apt-get install tor it automatically installs torify and tsocks)? Would you suggest using the patch? Thanks Comrade Ringo Kamens
