Endwall 06/10/2016 (Fri) 07:10:51 No.73 del
>>69
I'm not an expert I'm hacking it as I go.
so take my word with a grain of salt.

>dnscrypt-proxy
I have it installed, but i'm not using it currently. Anything that encrypts your dns traffic will enhance your "privacy". This helps prevent against packet inspection by say your ISP or some 3rd party monitoring it all. However since you're making calls to an external server, this server could still log your requests. Who's to say that this 3rd party doesn't have access to those servers already. Its better than DNS out in the open unencrypted but like everything if you have to do something right you have to do it yourself.

I like the dnsmasq technique to resolve the dns requests through the tor network, but this is kind of useless if you're doing things out in the open and resolving the dns for these things through tor, but you could put this on to make certain that there are no "DNS leaks" while you're using tor. I think that's a neat idea.

However from time to time I have to do stuff right out in the open, (Banking,Ebay, etc) and for that I run a caching DNS server running unbound or bind-9 and I reslove to my internal caching servers for this.

If i'm using torsocks, or links2 through tor the dns goes through tor (9050) anyways, so I don't think i'm gaining anything,other than comfort by using 9053 to resolve all dns while I'm using tor behind links...

I'm not an expert, I've probably said something contradictory or incorrect by now in these last two paragraphs.

>>Transport 9040
Plugable transports. Bridges try to hide your connections by using "unpublished" tor entry and relay nodes. This can be packet inspected to be tor traffic and banned/blocked. To get around this they do some kind of packet shaping to make this traffic look like regular https traffic or some other regular looking traffic.

Message too long. Click here to view full text.