Delivery-Date: Fri, 03 Apr 2015 20:50:30 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 4567C1E01A0
	for <archiver@seul.org>; Fri,  3 Apr 2015 20:50:28 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 749533443F;
	Sat,  4 Apr 2015 00:50:23 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 499D834202
 for <tor-talk@lists.torproject.org>; Sat,  4 Apr 2015 00:50:20 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id GlzdBwciFRlY for <tor-talk@lists.torproject.org>;
 Sat,  4 Apr 2015 00:50:20 +0000 (UTC)
Received: from ccs.nrl.navy.mil (mx0.ccs.nrl.navy.mil
 [IPv6:2001:480:20:118:118::211])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 2B909341FF
 for <tor-talk@lists.torproject.org>; Sat,  4 Apr 2015 00:50:20 +0000 (UTC)
Received: from vpn212046.nrl.navy.mil (vpn212046.nrl.navy.mil [132.250.212.46])
 by ccs.nrl.navy.mil (8.14.4/8.14.4) with ESMTP id t340oEt1007762
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
 for <tor-talk@lists.torproject.org>; Fri, 3 Apr 2015 20:50:15 -0400
Date: Fri, 3 Apr 2015 20:50:17 -0400
From: Paul Syverson <paul.syverson@nrl.navy.mil>
To: tor-talk@lists.torproject.org
Message-ID: <20150404005017.GA17580@vpn212046.nrl.navy.mil>
References: <3b5a3d29e8636f43235aafd3eac0a9bf.webmail@localhost>
 <551F147C.7000507@justaguy.pw>
 <CAD2Ti2-0TtRwEpCS5RtikpGD=f3Le3VxxMnvomDKKiBeNf=pxQ@mail.gmail.com>
 <CAKrUFkgBJYbyWbZYi85QCkzyBYRMoaOtpZV_+CS+DSTHuxKGoA@mail.gmail.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <CAKrUFkgBJYbyWbZYi85QCkzyBYRMoaOtpZV_+CS+DSTHuxKGoA@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-CCS-MailScanner: No viruses found.
X-CCS-MailScanner-Info: See: http://www.nrl.navy.mil/ccs/support/email
Subject: Re: [tor-talk] DNS hijacking
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

If s/he is using Tor and hasn't done something odd to reconfigure, then
the DNS resolve is done at the exit relay.  His local DNS resolver is
never contacted. Also, original poster said that local resolution
worked correctly (presumably the correct IP address is known); only
over Tor was there a problem.

HTH,
Paul

On Fri, Apr 03, 2015 at 07:32:05PM -0400, Max Bond wrote:
> Have you tried this over multiple circuits? Is it possible your DNS
> provider is the one doing something naughty?
> 
> On Fri, Apr 3, 2015 at 7:12 PM, grarpamp <grarpamp@gmail.com> wrote:
> 
> > On Fri, Apr 3, 2015 at 6:30 PM, Justaguy <justaguy@justaguy.pw> wrote:
> > > If you could find out the exit, that is doing this, you can report them,
> > > to https://trac.torproject.org/projects/tor/wiki/doc/ReportingBadRelays
> >
> > Most users will not be able to figure this out because until
> > this ticket is implemented there is no simple way to do so.
> > Without being able to at least issue a simple getevents for
> > the backbuffer in the moment, Tor is likely to have subsequently
> > switched exits, the user will have nothing to go on, and have
> > given up inquiry. So we end up missing badexits without this.
> >
> > Combine setevents circ and stream
> > https://trac.torproject.org/projects/tor/ticket/11179
> > --
> > tor-talk mailing list - tor-talk@lists.torproject.org
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
> -- 
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

