If I am using SSH for a SOCKS proxy, do DNS connections go through it?
I know the answer is a bit late, but for reference and for those who are still looking for the answer:
Set the network.proxy.socks_remote_dns property in the Firefox config (type about:config in the address bar) to TRUE (just double-click the property to toggle the value) to enable DNS lookups over your local/remote SOCKS5 proxy.
PS: I'm not sure about other browsers :(
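As an added illustration of the Firefox setting described in the answer above (this is example code, not part of the original post), the following audits a Firefox prefs file for the leaking combination: a manual SOCKS proxy configured while network.proxy.socks_remote_dns is left false. It assumes the usual user_pref("name", value); line format, that network.proxy.type 1 means a manual proxy, and that socks_remote_dns defaults to false when absent; the prefs content is constructed for the example.

```python
import re

# Constructed sample prefs.js content (not taken from a real profile): a SOCKS5
# proxy is configured, but remote DNS is left at the assumed default of false,
# so hostname lookups still go out through the system resolver.
LEAKY_PREFS = """\
user_pref("network.proxy.type", 1);
user_pref("network.proxy.socks", "127.0.0.1");
user_pref("network.proxy.socks_port", 1080);
user_pref("network.proxy.socks_version", 5);
user_pref("network.proxy.socks_remote_dns", false);
"""

PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$')


def parse_prefs(text):
    """Parse user_pref(...) lines into a dict of bool/int/str values."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue
        name, raw = m.groups()
        if raw == "true":
            val = True
        elif raw == "false":
            val = False
        elif raw.startswith('"'):
            val = raw.strip('"')
        else:
            try:
                val = int(raw)
            except ValueError:
                val = raw
        prefs[name] = val
    return prefs


def dns_leaks(prefs):
    """True if Firefox would resolve names locally despite a manual SOCKS proxy.

    network.proxy.type 1 = manual configuration. Remote DNS only works with
    SOCKS5 (SOCKS4 requests carry an IPv4 address, not a name), and the
    socks_remote_dns pref is assumed to default to false when it is absent.
    """
    if prefs.get("network.proxy.type") != 1 or not prefs.get("network.proxy.socks"):
        return False  # no manual SOCKS proxy configured; nothing to route
    if prefs.get("network.proxy.socks_version", 5) != 5:
        return True  # SOCKS4 cannot carry hostnames, so the client resolves
    return not prefs.get("network.proxy.socks_remote_dns", False)


def fix_prefs(prefs):
    """Return a copy with the two prefs needed for proxy-side resolution."""
    fixed = dict(prefs)
    fixed["network.proxy.socks_version"] = 5
    fixed["network.proxy.socks_remote_dns"] = True
    return fixed


def render_user_js(prefs):
    """Serialise prefs back into user.js lines (bool checked before int,
    since bool is an int subclass in Python)."""
    lines = []
    for name, val in sorted(prefs.items()):
        if isinstance(val, bool):
            raw = "true" if val else "false"
        elif isinstance(val, int):
            raw = str(val)
        else:
            raw = '"%s"' % val
        lines.append('user_pref("%s", %s);' % (name, raw))
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    current = parse_prefs(LEAKY_PREFS)
    print("leaks DNS:", dns_leaks(current))
    print(render_user_js(fix_prefs(current)))
```

Point it at the prefs.js of a real profile (with Firefox closed) to check a live configuration; the rendered output can be dropped into user.js in the profile directory.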
If it's a SOCKS 5 proxy, and the client program supports it, DNS will go through the proxy. Most browsers support DNS through a SOCKS 5 proxy, but may require special configuration to do it.
If your goal is privacy on the web, you really should use something like Privoxy. Privoxy will cleanse the headers of your web requests and ensure all traffic, including DNS, goes through the SOCKS 5 proxy. Run Privoxy locally, and you can use ssh to tunnel the SOCKS 5 traffic.
You can't do that out of the box since the SSH tunnel is for TCP/IP connections only - UDP traffic won't be able to cross that tunnel without a special setup. Basically you need to create a fifo to do some trickery with netcat as described here. You can use Google's DNS from the far-end box then.
As mentioned over there, your system wide lookups are not tunnelled.
If you want an SSH based solution, you can get inspiration from here or use SSHuttle (e.g. mentioned here). There is a patch to forward DNS queries easily.
YMMV, but I have had success with the following:
#!/bin/bash
# Taken from http://stackoverflow.com/questions/4594319/shell-replace-cr-lf-by-comma
set -euo pipefail

# Collect the DNS servers NetworkManager is currently using and join them
# with commas, which is the list format sshuttle's --dns-hosts expects.
DNSSERVERS=$(nmcli d show | grep DNS | awk '{print $2}' | sed -e 'H;${x;s/\n/,/g;s/^,//;p;};d' )

# 254.254.254.254/32 is a dummy subnet: nothing else is routed through the
# tunnel, so only queries to the listed DNS servers are forwarded to "server".
sshuttle \
  -vvv \
  --dns-hosts "${DNSSERVERS}" \
  -r server \
  254.254.254.254/32
It depends on your application. Firefox, for example, sends the hostname to the SOCKS proxy without resolving it. In this case, you do not have to do anything for privacy. You can confirm that with Wireshark.
PS: This assumes you are using a SOCKS5 proxy. SOCKS4 does not support hostnames.
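To make concrete what the two answers above are saying about SOCKS5 versus SOCKS4 (this is an added example, not code from any of the posts), the following builds the CONNECT request each protocol version puts on the wire and decodes what a packet capture between client and proxy would show as the destination. It assumes the RFC 1928 SOCKS5 request layout and the classic SOCKS4 layout; the resolver table is constructed so the SOCKS4 path runs offline, where a real client would call gethostbyname(), which is exactly the leaking lookup.

```python
import ipaddress
import struct

# Constructed resolver table (not real DNS data) so the SOCKS4 path runs
# offline. A real SOCKS4 client would call socket.gethostbyname() here, and
# that local lookup is the DNS leak the thread is about.
FAKE_DNS = {"example.com": "93.184.216.34"}


def socks5_connect(host, port):
    """SOCKS5 CONNECT request (RFC 1928 s.4): VER CMD RSV ATYP DST.ADDR DST.PORT.

    A host that is not an IP literal is sent as ATYP 0x03 (domain name) with a
    one-byte length prefix, so the proxy, not the client, resolves it.
    """
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        name = host.encode("ascii")
        if len(name) > 255:
            raise ValueError("SOCKS5 domain names are limited to 255 bytes")
        addr = bytes([0x03, len(name)]) + name
    else:
        addr = bytes([0x01 if ip.version == 4 else 0x04]) + ip.packed
    return b"\x05\x01\x00" + addr + struct.pack("!H", port)


def socks4_connect(host, port, resolver=FAKE_DNS.get, userid=b""):
    """SOCKS4 CONNECT request: VN CD DSTPORT DSTIP USERID NUL.

    Only a 4-byte IPv4 address fits in the request, so a hostname must be
    resolved on the client before the request can even be built.
    """
    try:
        ip = ipaddress.IPv4Address(host)
    except ValueError:
        resolved = resolver(host)
        if resolved is None:
            raise LookupError("cannot resolve %s" % host)
        ip = ipaddress.IPv4Address(resolved)
    return b"\x04\x01" + struct.pack("!H", port) + ip.packed + userid + b"\x00"


def destination_on_wire(req):
    """Decode what a sniffer on the client->proxy TCP stream sees as the
    destination: ('domain', name) or ('ipv4'/'ipv6', address)."""
    if req[0] == 5:
        atyp = req[3]
        if atyp == 0x03:
            n = req[4]
            return ("domain", req[5:5 + n].decode("ascii"))
        if atyp == 0x01:
            return ("ipv4", str(ipaddress.IPv4Address(req[4:8])))
        if atyp == 0x04:
            return ("ipv6", str(ipaddress.IPv6Address(req[4:20])))
        raise ValueError("unknown ATYP %#x" % atyp)
    if req[0] == 4:
        return ("ipv4", str(ipaddress.IPv4Address(req[4:8])))
    raise ValueError("not a SOCKS CONNECT request")


if __name__ == "__main__":
    for label, req in (("SOCKS5", socks5_connect("example.com", 443)),
                       ("SOCKS4", socks4_connect("example.com", 443))):
        print(label, req.hex(), destination_on_wire(req))
```

The SOCKS5 request carries the literal string "example.com"; the SOCKS4 request carries only an address, which is why a SOCKS4 client had to resolve the name first. (The SOCKS4a extension, which appends a hostname after a 0.0.0.x placeholder, is not modelled here.) Note that a SOCKS5 client still leaks if it chooses to resolve locally and send ATYP 0x01, which is what the Firefox socks_remote_dns switch and curl's --socks5-hostname option control.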