Disable Privoxy filters yet still plug DNS leaks?

Discussion in 'privacy technology' started by anonymusadhoc, Jun 1, 2008.

Thread Status:
Not open for further replies.
  1. anonymusadhoc

    anonymusadhoc Registered Member

    Joined:
    Jun 1, 2008
    Posts:
    2
    Hello all,

    First-time poster here. I just want to start by thanking you all for running a great forum. I've already learned a lot here (though it may not look like it once you read what's below).

    My question is this:

    I'm running Tor/Privoxy with Firefox2 with the NoScript, CookieSafe, and AdBlock+ addons installed. I'm happy with the way those addons manage scripts/cookies/ads. All I want Privoxy to do is to plug DNS leaks as described in the Tor documentation. I don't want a lot of redundant script/cookie/ad blocking going on, because I figure it'll just slow things down. I'm currently running Tor/Privoxy as installed by the Vidalia bundle and haven't modified any of the Privoxy config files as installed by Vidalia. How do I configure Privoxy to disable all of it's filters and just block DNS leaks, or is it already configured this way by Vidalia?

    I read in the Privoxy config.txt file that a "toggle 0" setting would disable all filters, but does this also disable whatever Privoxy does that plugs DNS leaks? Which Privoxy settings are resposible for the DNS leak plugging?

    I guess another question is is it still necessary to use Privoxy for DNS leaks? I saw something on the wiki Tor page that implied later version of Tor resolved the DNS leak problem, although all the documentation I've seen for Tor says you must install Privoxy.

    Thanks.
     
  2. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    You can help keep yourself fixed up by opening your browser and typing in about:config in the address bar and hit "enter". Then in the lower window that appears type in "remote" and you'll see a value about remote DNS queries popping up. You want to make sure that it is indeed performing remote DNS. This allows you to not even need privoxy at all.
     
  3. anonymusadhoc

    anonymusadhoc Registered Member

    Joined:
    Jun 1, 2008
    Posts:
    2
    OK, thanks for that. The Firefox2 setting is:

    network.proxy.socks_remote_dns, and it's set to 'true'.

    And according to my Tor log, remote dns lookups are being performed.

    One thing that has me concerned is something I read in the Tor docs here:
    https://wiki.torproject.org/noreply/TheOnionRouter/TorifyHOWTO/WebBrowsers

    "To find out whether your [Firefox] version implements remote DNS resolution correctly, you may try out a URL ending in .onion, like this one, http://6sxoyfb3h2nvok2d.onion/tor/ , leading to the the Hidden Tor Wiki. If the Hidden Wiki shows up, remote DNS resolution works."

    When I tried clicking on that link, my browser wouldn't load the page. I'm not sure what this means. Also, when I test my Tor status at https://torcheck.xenobite.eu/index.php? , it says that it can't connect to hidden services at dige6xxwpt2knqbv.onion. Don't know what this means either.
     
  4. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    .onion addresses may be unreliable. I've experienced that a few times. Keep retrying and try some other .onion addresses.
     
  5. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    See this post for a stripped-down Privoxy configuration (courtesy of Kye-U) with almost all filtering disabled (for when other tools are used to filter web traffic).

    The most accurate method to check that DNS leakage is not taking place is to check your firewall logs - non-Tor traffic will trigger DNS lookups (outgoing UDP connections to your ISP DNS servers, port 53) but Tor traffic should not.

    If your firewall does not log traffic (consider switching to one that does...) then you could try (temporarily - since it will disrupt other network traffic!) blocking outgoing access for UDP port 53 and seeing if your PC can still access sites via Tor.
     
Loading...
Thread Status:
Not open for further replies.