Benson, post #9
Originally Posted by brendan:
ok, so -D is a socks-like attempt to proxy connections, but not really a socks proxy?
It is a SOCKS proxy, just one that happens to route all proxied connections via a secure channel to the remote server.

also, from my readings on privoxy and tor, does the -D forwarding "leak" DNS queries like socks4? when using privoxy in combination with tor, one must forward requests from privoxy to tor using only forward-socks4a directives to avoid DNS leaks.
AFAIK, it's SOCKS4/5 (not 4a, so requires IPs, not FQDNs), but it can handle any traffic, including DNS, if you make the DNS requests through the proxy. So if you can make your software (e.g. MicroB, which can) perform DNS lookup via TCP, you can push it through SOCKS to the DNS server, and then make a connection to the resulting IP through SOCKS. Qole's instructions included a setting for that. (I think...)

With an appropriately compiled TSOCKS, also, DNS can be forced to TCP, and SOCKSified. I'm not sure if a version compiled that way is about. (And TSOCKS, if you can get it working right, makes everything run through the tunnel instead of configuring each app separately.)

Finally, you could just use socat or netcat to run DNS over UDP over TCP over SSH -- it's not as hard as it sounds.
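
The DNS-over-TCP-through-SOCKS lookup described in the post above, as an added example that is not part of the original thread: it builds the bytes a client would push through the `ssh -D` listener (a SOCKS5 CONNECT to the resolver's IP on port 53, then a length-prefixed DNS query) and parses the framed reply. The resolver address 192.0.2.53, the name example.org and the response bytes are constructed sample values, and all function names are hypothetical.

```python
import socket
import struct

def dns_query(name, txid=0x1234):
    """Minimal DNS query: RD flag set, one question, QTYPE=A, QCLASS=IN."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def tcp_frame(msg):
    """DNS over TCP prefixes every message with a 2-byte length (RFC 1035, 4.2.2)."""
    return struct.pack("!H", len(msg)) + msg

def socks5_connect(ip, port):
    """SOCKS5 CONNECT to an IPv4 literal (ATYP 0x01), sent after the 05 01 00 greeting."""
    return b"\x05\x01\x00\x01" + socket.inet_aton(ip) + struct.pack("!H", port)

def skip_name(buf, off):
    """Return the offset just past a name that ends in a zero byte or a compression pointer."""
    while buf[off] and buf[off] & 0xC0 != 0xC0:
        off += 1 + buf[off]
    return off + (1 if buf[off] == 0 else 2)

def a_records(framed):
    """Parse one length-prefixed TCP DNS response and return its IPv4 answers."""
    (length,) = struct.unpack("!H", framed[:2])
    msg = framed[2:2 + length]
    if len(msg) != length:
        raise ValueError("truncated TCP DNS message")
    qd, an = struct.unpack("!HH", msg[4:8])
    off, out = 12, []
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            out.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return out

# Constructed sample: the reply a resolver would send for example.org -> 192.0.2.10
QUERY = dns_query("example.org")
RESPONSE = tcp_frame(
    QUERY[:2] + struct.pack("!HHHHH", 0x8180, 1, 1, 0, 0) + QUERY[12:]
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton("192.0.2.10"))
```

Because the only address the SOCKS request carries is the resolver's IP and the hostname travels inside the tunneled TCP stream, nothing about the lookup reaches the local network's resolver.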