-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 running your own bind does not eliminate dns leaks, out of your node will still emerge dns requests and that's all that's needed to do the time-correlation.
It should be possible, however, to proxy bind through tor, but only through a transparent proxy with iptables or running the bind daemon through tsocks. I'm not sure exactly what is required. numE wrote: > Hi, > > i just configured a local caching only dns server > to use the open root server network (www.orsn.org). > > in my opinion it brings some benefits compared to using my isp's dns > server and the open root server network is independent from ICANN dns > servers. > > -- > > now it would be interesting to torify bind to get even more security. > is this possible? > > > thanks in advance. > - -- - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.5 (GNU/Linux) mQGiBERj1vMRBACVgg5fJVUARD0cJHm/PzLU3oDoIPlraL1SyjLQcLDQt1mDmfk5 bIsvFYUujcM2j4s072Gufm1/52N27JESvtRc3zlAzCUZ8rHdwT7q5pELALBe+5WN Ug+iJhejCgeIQpxDy7tlaW0ZMFS8DQcN2mUa+I+Gn1Fv1Vpz9ltniKRoowCgt+6M 2HmK6DpGJpHbi0UE6H6DMi8D/0bXstm6yIc11ldpYK0vLp91+HIyiYcWexS+LY0Q QYfYKnzoy1TfziLULMBdCItzvw5wsa3nS4EBuRBFZACEB8X6VZTjDY+bt1UP20RY 2yXy9xJ2DMJxwoNRvSTwCcOdCdSJQMeElhh6XzWAxdHASH8orOK9dcB0K4eyh8pX dQSkA/9u8cgQeIsALNaVkWg+CoL+hEu3fP3BmqyDEQrQlI/j5zaFwjiakP8fwCpm NOnH6JJwksiNQT/TpRAht5BLIuLUEHtqY/GaCkqE5v0CStDbVEK+ZFPw7ePlAL1J VIPl9GNkQRR0ScwOIK7s0XP1PpIA0FTq7LrXdWeyUY6QzPiy/7QeZ2x5bXIgPGds eW1yX2Rhcmttb29uQG1sMS5uZXQ+iGAEExECACAFAkRj1vMCGyMGCwkIBwMCBBUC CAMEFgIDAQIeAQIXgAAKCRAaQ7PBp6zsm6aOAJ98KrhhH05KtM3HmVUY0ud/W1Db QgCfcyB2mZuVlWk+NwGRvT5pwdyArXC0IGdseW1yIDxnbHltcl9kYXJrbW9vbkB5 YWhvby5jb20+iGAEExECACAFAkRuMj8CGyMGCwkIBwMCBBUCCAMEFgIDAQIeAQIX gAAKCRAaQ7PBp6zsm+5+AKCiWMvUd6SoPOFVLf/X4Mc5aucjrwCfRi/61tCSqKkb qXyFHcAOMmFW8tu5BA0ERGPYGhAQALyvvcNnKI6nfpZTGVwpzVvDho4irlQCvVvt /wAE8UfTFBuv1HhMtNi3CCTEVaunA8Ezh0F9VM0r/CoaDCNHKHunBe12lyA7lBxi tEvvr1trLttWlgjpY5oFS8iaEChFLYsBnrDC6gr+SIxOVdobFupHRCqEMsPZEubi 732s0X5B1RMlvGN9lMatumnr8BwAgzMGDi6xwx6Psh3+7Tgfrc/uiwJLbNms2Vkw eKoVuFG62TpBzD5pNW8+uS9BN+OUlgAeFD3VyG72scbn84NECkN6fyv8l9j9k+gD +fGcg5a4/RtGC8XTD41RTHBRZ4J5xIeKt1lOPYY4sEsrvrYC6qRklne8mxQ+f9F2 LtxBRFjDYq+yNjpL3+t0GsqzwiDKVsJmamcovGmzbFL9rkocr0X53Y1SmQkwn4Yh sXZaSFXIht57kgdx8taWKeksexdSBBG9rFBexzshfIaxc3J67zB+SkoUMKU52rH7 d3quCgtOoqYz4LjdDOhaETQNAwJwv6Vha5eb292ZPXLT/wRQ7RzYlPZ3ikonwjuB slWF6JtEe/J51lgaEPZW6c/Rovt9uekBdpnAkc9zqOml1BfKVvOVq5ESs0C6QtjF PelSEakrlF9vs71xXHxupkzRqPDIgRQ2mbsLponi7Iuopn25A8VmH0xztMdPKwXn 0GM5YtfDAAMFEACJ33XNxiiyy+o7WLBHRextCEVaE12C7oJdMs1Nom149yZPBhtR PbpLai8+J2pd8LV17fIYQ+Cg+5fdQyjn6hgTA/0kA7Y3v+SrCXocDKiTkqw+hljW D+xWkJ96N7JOiidZ+7FqrI3Mn6DJFPcF8WM50LWDogR2C7ik7J/GuBLoLOCXgIXm gBK0tk6fr1Fn54MJ5UTnMo74EwM/e199agwtdv8C0csJBQkW3HgCpUgYXNQi0SbA RmC+4Sl38ac6Fbut4Dznsod5om19cq53dnSL/z4lZz8r9nk46j1/NCB9IbNMWZMz QYKx6kqmOPaUuce8mfPvJmUpkCFUEdATvrJkirSOS2zkdG6tZeXUG2+x+edyZRpB lyZzczl531y/6SsV5v78g5kIgKewedNGTWXRAqj3A90nUXfGYsy6Vo33Hqhg5Vs3 OczP5mxQUyuRlkPyuLT8/2NU6vppNm/J34RX4bJHK0NqNmp/lA1y267t0Jiv3NHf 1WEICYiXb7kJWKcQSNjFKjUJiOIVfHpIsiiLKd/tOQht5tWXC4zNm1uOhskXcEYh RlLCbRgcdNdy78fdfNhDlN29Cu20TkJQMnBG92mUyxB+8+yRlsgfsytauJqO0sLv Vd2WS2wm0C+oPstBRrza+U1VZDyK2BPAbb1RS+var6m46uhu59xHMSKRTYhJBBgR AgAJBQJEY9gaAhsMAAoJEBpDs8GnrOybfAYAn34P2SFPj4/dcenDocaOCGFa0rbR AJ4qkvG2Euv7nc1GxfFPK2+MbEuqnw== =1PSJ - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFHvnYGkOzwaes7JsRA+qHAKCyt02f22aa+L28OHgoZVC2sKXhmACgqQ9X UIkfnbPFLHtt9D6HY7B+SPQ= =VcjK -----END PGP SIGNATURE-----