Full Disclosure mailing list archives

Re: UnAnonymizer

From: Peter Besenbruch <prb () lava net>
Date: Mon, 26 Jun 2006 23:29:14 -1000

Cardoso wrote:
> If the app uses an unknow DNS server, I think it's enough of a risk to
> worry about.

I refer folks to the following page on TOR:

"Using privoxy is necessary because browsers leak your DNS requests whenthey use a SOCKS proxy directly, which is bad for your anonymity."

http://tor.eff.org/docs/tor-doc-unix.html.en

That means, your DNS server becomes the DNS server used by the TOR exitnode. I have no idea how many DNS servers operate with poisoned caches,and the like. If I wanted to do some financial transaction, I thinkCardoso is suggesting a direct connection, instead. In earlierdiscussions, people argued that an SSL connection offered someprotection, or warning about pharming attacks.


> On Tue, 27 Jun 2006 08:49:13 +0000 (GMT)
> Brate Sanders <brate_sanders () yahoo co uk> wrote:
>

> BS> BS> Is there a security issue hidden somewhere in there or is itjust a bug report sent to the wrong mailing list address? :-)

--
Hawaiian Astronomical Society: http://www.hawastsoc.org
HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

UnAnonymizer H D Moore (Jun 26)
- Re: UnAnonymizer Peter Besenbruch (Jun 27)
  - Re: UnAnonymizer Brate Sanders (Jun 27)
    - Re: UnAnonymizer Cardoso (Jun 27)
    - Re: UnAnonymizer Peter Besenbruch (Jun 27)
- Re: UnAnonymizer pdp (architect) (Jun 27)
  - Re: UnAnonymizer Tonnerre Lombard (Jun 27)
    - Re: UnAnonymizer pdp (architect) (Jun 28)
- Re: UnAnonymizer H D Moore (Jun 27)
  - Re: UnAnonymizer Michael Holstein (Jun 27)
    - Re: UnAnonymizer Peter Besenbruch (Jun 27)
  - Re: UnAnonymizer Peter Besenbruch (Jun 27)
  - Re: UnAnonymizer RaMatkal (Jun 29)