Changes between Initial Version and Version 1 of Ticket #16813


Ignore:
Timestamp:
Aug 14, 2015, 10:40:04 AM (4 years ago)
Author:
teor
Comment:

Split each part of the conversation by newlines for readability

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #16813 – Description

    initial v1  
    1010s shell do `tcpdump -i $your_lan_iface port 53' ... you'll see periodically that your "tor browsed" sites leaks via DNS requests to your "normal" DNS
    1111I hope that this information will be useful for somebody
     12
    1213whitanne_
    1314nettezzz: is this for the latest version of tor?
     15
    1416nettezzz
    1517it's for all versions of tor
    1618whitanne_: probably a lot of linux users are not affected, but at least some major distros have enabled nscd by default - at least we in opensuse
    1719also in nscd manpage is not this "feature" documented
     20
    1821Joost
    1922nettezzz: it appears people have noticed this in the past: https://tor.stackexchange.com/questions/4350/tor-dns-cached
     23
    2024nettezzz
    2125indeed
    2226so I re-inveneted wheel :)
    2327Joost: I didn't find it even according to the tor ... I was seting up somewhere some SOCKS proxy and found it ... later on reproduced it with tor browser
     28
    2429Joost
    2530it's mentioned in some places, I see now.. https://www.reddit.com/r/TOR/comments/1jegou/tor_and_dns_leaks/cbebnin
     31
    2632nettezzz
    2733indeed sorry for alarming ppl then ... I thought I've discovered an americas
     34
    2835Joost
    2936but imo it's odd, since it seems like quite a leak
    3037nettezzz: don't be sorry! it appears that there is very little awareness of this
     38
    3139nettezzz
    3240but anyhow, it happens still these days whilst the solution is probably rather simple 1) put this explicitely as a mention somewhere to tor browser, 2) adding a check tfor nscd to tor browser verification checks
     41
    3342whitanne_
    3443nettezzz: maybe you could file a bug report or something
     44
    3545nettezzz
    3646to be honest, I don't use tor and I don't even have a account to tor bugzilla ... so please fill bug for tor and I'm going to fill bug to our opensuse bugzilla that this is undocumented and probably insecure to have it by default enabled