{{tag>privacy guides software linux internet}}

====== How to use Tor as a DNS resolver ======

===== Why? =====

**DNS** is one of the most insecure aspects of the [[internet]]. Every DNS request is sent in plaintext to the DNS server your computer uses, which is usually chosen by your [[operating system]] vendor, your ISP's DHCP, or you. This is a serious issue, because the function of a DNS server is to resolve hostnames to addresses. DNS over HTTPS/TLS secures the plaintext protocol against a MitM attack, but it does nothing to stop the server from seeing every host your computer asks it to resolve. There is no question that this information is being saved. It's pretty much the wet dream of every SEO person/data broker/unscrupulous person to be able to see all the pages that someone is viewing.

Fortunately, [[Tor]] lets you route these DNS requests over the Tor network, making them [[anonymity|anonymous]] as well as secure against man-in-the-middle attacks.

===== How =====

On most Unix-likes (note: won't work on [[systemd]] systems):

  echo "DNSPort 53" >> /etc/tor/torrc
  echo "AutomapHostsOnResolve 1" >> /etc/tor/torrc
  echo "nameserver 127.0.0.1" > /etc/resolv.conf

Restart the Tor service using your init system and run ''nslookup www.google.com'' to check that the changes went through. If the first line reads "Server: 127.0.0.1", it succeeded.
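
The following check is an added example, not part of the original guide. It audits a torrc and a resolv.conf for the three settings above and flags any extra ''nameserver'' entry, because the system resolver falls back to those servers, outside Tor, when the local DNSPort does not answer. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the Tor DNS settings from this guide.
# Function names are hypothetical; file paths are arguments so copies can be checked.

# torrc_has KEY VALUE FILE: succeed if FILE has an active "KEY VALUE" line.
# Tor option names are case-insensitive, so compare them in lower case.
torrc_has() {
    awk -v k="$1" -v v="$2" '
        tolower($1) == tolower(k) && $2 == v { found = 1 }
        END { exit !found }' "$3"
}

# non_loopback_nameservers FILE: print each nameserver other than 127.0.0.1.
non_loopback_nameservers() {
    awk '$1 == "nameserver" && $2 != "127.0.0.1" { print $2 }' "$1"
}

# audit_tor_dns TORRC RESOLV: print findings; return 0 only if every check passes.
audit_tor_dns() {
    rc=0
    torrc_has DNSPort 53 "$1" || { echo "torrc: DNSPort 53 missing"; rc=1; }
    torrc_has AutomapHostsOnResolve 1 "$1" ||
        { echo "torrc: AutomapHostsOnResolve 1 missing"; rc=1; }
    awk '$1 == "nameserver" && $2 == "127.0.0.1" { ok = 1 } END { exit !ok }' "$2" ||
        { echo "resolv.conf: nameserver 127.0.0.1 missing"; rc=1; }
    leaks=$(non_loopback_nameservers "$2")
    [ -z "$leaks" ] || { echo "resolv.conf: bypasses Tor via: $leaks"; rc=1; }
    return "$rc"
}

# Constructed sample files (192.0.2.53 is a documentation address).
demo=$(mktemp -d)
printf 'DNSPort 53\nAutomapHostsOnResolve 1\n' > "$demo/torrc"
printf 'nameserver 127.0.0.1\nnameserver 192.0.2.53\n' > "$demo/resolv.conf"
audit_tor_dns "$demo/torrc" "$demo/resolv.conf" || echo "audit: FAIL"
rm -rf "$demo"
```

On a live system, call ''audit_tor_dns /etc/tor/torrc /etc/resolv.conf'' after restarting Tor.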