• 4 Posts
  • 7 Comments
Joined 6 months ago
cake
Cake day: June 9th, 2024

help-circle

  • Routing DNSCrypt through the Tor network should, in theory, anonymize DNS queries. This configuration would result in the DNS resolver observing the IP address of the Tor exit node rather than my actual IP address, thus hiding my identity from the resolver. I’m not sure why the actual request to the site would go to the IP directly.

    For implementing DNS over HTTPS (DoH) via Tor, I followed the guidelines from this GitHub repository and translated them into my current approach.

    I’ve gone through DNSCrypt’s logs, but nothing really stood out. I’m a bit lost with Wireshark - there’s so much data even if I filter it by DNS or Tor Socks Port (From my relay).

    While you asked about the basis for my conclusions, it’s worth noting that if the Tor proxy were working as intended, I would also anticipate a considerable increase in latency. There’s a huge difference when I enter https://one.one.one.one/help/ normally with "Use system proxy settings" in my browser and when I enter it with a "Manual proxy configuration" with the SOCKS Host set up and "Proxy DNS when using SOCKS v5" checked on.




  • I’m using Cloudflare and I get no output from dig 1.0.0.1.email.teatastic.org +short which should mean that my dns is not blocked. Additionally, I discovered that my self hosted email just appeared as a destination address on Cloudflare. The problem is that it’s “Pending verification”, yet I don’t receive any mails to actually confirm it.

    I’ve tried to email myself from both proton and gmail, but no emails appear in Roundcube. Since I have no prior experience with this, I might be overlooking something important, yet I’m not sure what.






  • Yeah, good point about the localhost. The ports are fine however. The actual error that I’m getting is coming from nginx: *1 connect() to unix:/run/searx/searx.sock failed (13: Permission denied) while connecting to upstream. I have added the searx and nginx groups to my main user (which I have to find a workout for anyway, since it might prove to be a security problem), yet it still does not work.