Skip to content

Add a new option "RouteDNSTraffic" to prevent noobs from insecure way to use Tor.

RouteDNSTraffic 1 (default: 1, enabled.)

Analyzed my exit node's traffic, I noticed many users is sending DNS traffic over Tor, expecially targeting 8.8.8.8.

Tor itself should reroute the tcp port 53 request to TorDNS system to prevent linking.

https://nakedsecurity.sophos.com/2016/10/05/unmasking-tor-users-with-dns/ https://lists.torproject.org/pipermail/tor-relays/2016-May/009255.html

Before: User === Tor ----- Tor node ---> 8.8.8.8

After: User === Tor[ --reroute-to-TorDNS-system ]<--->Tor node

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information