-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 10/08/2017 05:41 AM, Igor Mitrofanov wrote: > Here's what I personally recommend: > # DNS servers > > no-resolv > > no-poll > > no-hosts > > server=8.8.4.4 > > server=8.26.56.26 > > server=74.82.42.42 > > server=64.6.64.6 > > server=8.8.8.8 > > server=8.20.247.20 > > server=64.6.65.6
IMO there's absolutely no advantage of using external DNS servers. The AS of the Tor exit Relay will already see the in and outgoing traffic. So this will just spread out information to therd parties too w/o any additional security. There're a lot of papers around that topic, eg. in [ 1] [1] https://nymity.ch/tor-dns/ - -- Toralf PGP C4EACDDE 0076E94E -----BEGIN PGP SIGNATURE----- iI0EAREIADUWIQQaN2+ZSp0CbxPiTc/E6s3eAHbpTgUCWdnYCxccdG9yYWxmLmZv ZXJzdGVyQGdteC5kZQAKCRDE6s3eAHbpTid0AP4nEna1cQ22acUjf3NmFAn7vZuk nIrP8yFjIcFk+sbmjgD/UlS7E0boHEUDotMmplvpiWU5L/YkMofa9Zep93D76Jw= =2LgX -----END PGP SIGNATURE----- _______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
