FIXING DNS LEAK WITH TOR / FIREFOX

 

When you browse the internet through Tor, DNS leakage is one of the biggest concerns. If you are not familiar with DNS, here is a quick explanation.

Servers on the internet are identified by their IP address so they can communicate with other nodes on the network. The address is a set of 4 octets, such as 8.8.8.8 (Google’s Public DNS Server). It would be a complete nightmare if we had to remember Facebook’s IP address every time we wanted to log in to the website.

Thankfully, along the way we came up with a grand solution. A DNS server holds what is called an A record, which ties a name to an IP address. This means that when we query a DNS server for, say, Facebook.com, the DNS server looks at its A records and points your browser to Facebook’s IP address (173.252.110.27). Once the DNS query has been answered, your browser can connect to Facebook’s servers so you can log in.

This is a potential problem if you are using Tor, as it leaves you exposed to what is known as DNS leakage. If your browser is not configured correctly, it will first go to your DNS servers to query a website’s IP address, and only after it gets the IP will it go to the target website.

If your traffic is being monitored, it wouldn’t take a rocket scientist to analyze it and see that every time you made an encrypted connection to an unknown IP address, you had made a DNS query to your DNS server just before, thus allowing a snooper to see every site you connected to.

The Tor Bundle comes with a Firefox that is modified to work with Tor. However, without extra configuration, it will leave you with DNS leakage. To get around this, we have to go into Firefox’s configuration settings.

Go to Firefox’s address bar, type ‘about:config’ and hit Enter.

There are three settings you have to look for:

network.proxy.socks_remote_dns

Default is False. You need to change this value to True.

browser.safebrowsing.enabled

browser.safebrowsing.malware.enabled

Default is True. You need to change these values to False.

That’s it. Now you can surf the internet without your DNS queries giving you away.
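
One way to confirm the three settings took effect, as an added example that is not part of the original article: Firefox saves about:config changes as user_pref lines in the profile's prefs.js, and the script below audits that text against the values recommended above. The sample prefs.js content is constructed, the function names are hypothetical, and a setting missing from the file is assumed to be at the default the article states.

```python
import re

# Values the article recommends for each preference.
RECOMMENDED = {
    "network.proxy.socks_remote_dns": True,
    "browser.safebrowsing.enabled": False,
    "browser.safebrowsing.malware.enabled": False,
}
# Defaults as stated in the article (assumption: a pref absent from prefs.js is at its default).
ARTICLE_DEFAULTS = {
    "network.proxy.socks_remote_dns": False,
    "browser.safebrowsing.enabled": True,
    "browser.safebrowsing.malware.enabled": True,
}
# Matches boolean lines such as: user_pref("network.proxy.socks_remote_dns", true);
PREF_LINE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(true|false)\s*\)\s*;')

def parse_bool_prefs(text):
    """Return {name: bool} for every boolean user_pref line; later lines win."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_LINE.match(line)
        if m:  # commented-out and non-boolean lines do not match
            prefs[m.group(1)] = (m.group(2) == "true")
    return prefs

def audit(text):
    """Return {name: (effective_value, ok)} for the three settings."""
    prefs = parse_bool_prefs(text)
    report = {}
    for name, wanted in RECOMMENDED.items():
        value = prefs.get(name, ARTICLE_DEFAULTS[name])
        report[name] = (value, value == wanted)
    return report

# Constructed sample prefs.js content; one setting is commented out, so it never took effect.
SAMPLE_PREFS = '''\
// Mozilla User Preferences
user_pref("network.proxy.type", 1);
user_pref("network.proxy.socks", "127.0.0.1");
user_pref("network.proxy.socks_port", 9050);
user_pref("network.proxy.socks_remote_dns", true);
// user_pref("browser.safebrowsing.enabled", false);
user_pref("browser.safebrowsing.malware.enabled", false);
'''

if __name__ == "__main__":
    for name, (value, ok) in audit(SAMPLE_PREFS).items():
        print(f"{'OK  ' if ok else 'FIX '} {name} = {str(value).lower()}")
```

To audit a real profile, pass the contents of its prefs.js to audit() in place of SAMPLE_PREFS.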