On Tue, Oct 14, 2014 at 5:49 AM, Martin Lambers <mar...@marlam.de> wrote:
> On Tue, 14 Oct 2014 10:48:32 +0200, ilf wrote:
>> The Tor Project recommends SOCKS 4a over SOCKS 5 against DNS leaks:
>> https://www.torproject.org/docs/faq#WarningsAboutSOCKSandDNSInformationLeaks
> Yes, but only if the SOCKS5 application does DNS lookups itself, which
> we do not. What we do is basically what SOCKS4a would do.

That faq needs to be rewritten. It's not socks that 'leaks' what is passed to it [1], it's the app leaking dns around the socks proxy it was told to use (except for socks4 where that is the expected app behaviour). Though once the app does properly pass a hostname to socks4a or socks5, the socks server should resolve it.

Note that socks4a spec can and does handle a real IP just like socks4, socks4a is thus not just strictly for hostnames.

Tor should not be warning about receiving an IP on its socks4a or socks5 interface since technically it's both ok and commonplace for users to specify only an IP as their destination. Save it for debug mode.

Tor also needs to move away from legacy mention of socks4 / socks4a in preference to socks5. Or at least instruct to try and test socks5 configurations first... socks5 is the only one to handle ipv6.

[1] Unless your socks client lib is so crappy that it tries to resolve namelikes itself in a leaky fashion without sending them to the socks server.
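The request formats discussed in this message, as an added example that is not part of the original email or of Tor's code: it builds SOCKS4, SOCKS4a and SOCKS5 CONNECT requests without ever calling a resolver, so a hostname either goes to the proxy as a name or is refused. The function names are hypothetical, and the SOCKS5 method negotiation that precedes the request is omitted.

```python
import ipaddress
import struct


def _as_ip(dest):
    """Parse dest as an IP literal; return None for a hostname. No DNS lookup."""
    try:
        return ipaddress.ip_address(dest)
    except ValueError:
        return None


def socks4_connect(dest, port, allow_4a=True, userid=b""):
    """Build a SOCKS4 CONNECT request, using the 4a form only for hostnames."""
    ip = _as_ip(dest)
    head = struct.pack(">BBH", 4, 1, port)  # VN=4, CD=1 (CONNECT), DSTPORT
    if ip is not None:
        if ip.version != 4:
            raise ValueError("SOCKS4/4a cannot carry an IPv6 address")
        # A real IP is sent in plain SOCKS4 form, which a 4a server also accepts.
        return head + ip.packed + userid + b"\x00"
    if not allow_4a:
        # Plain SOCKS4 has no name field: the client would have to resolve
        # the name itself, which is where the DNS query escapes the proxy.
        raise ValueError("plain SOCKS4 needs an IP, refusing to resolve locally")
    host = dest.encode("idna")
    # 4a marker: DSTIP 0.0.0.x with x != 0, then USERID, NUL, hostname, NUL.
    return head + b"\x00\x00\x00\x01" + userid + b"\x00" + host + b"\x00"


def socks5_connect(dest, port):
    """Build a SOCKS5 CONNECT request (sent after method negotiation)."""
    ip = _as_ip(dest)
    if ip is None:
        host = dest.encode("idna")
        if len(host) > 255:
            raise ValueError("hostname too long for SOCKS5")
        addr = b"\x03" + bytes([len(host)]) + host  # ATYP 3: domain name
    elif ip.version == 4:
        addr = b"\x01" + ip.packed                  # ATYP 1: IPv4
    else:
        addr = b"\x04" + ip.packed                  # ATYP 4: IPv6
    return b"\x05\x01\x00" + addr + struct.pack(">H", port)


if __name__ == "__main__":
    # Constructed sample destinations (documentation names and addresses).
    for dest in ("example.com", "192.0.2.7", "2001:db8::1"):
        print(dest, socks5_connect(dest, 443).hex())
```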