DNS leak with proxychains and firefox

Question

When using firefox with proxychains -

(default configuration file with tor: socks4 127.0.0.1 9050)

and checking on dnsleaktest.com, the original lookup returns the proxied IP, but when performing an extended search it shows the original IP/location. Does this leak occur only when using firefox ? I've tried checking the tick box: Proxy DNS when using socks v5, but that doesn't help. For example, if I were to use an application to send packets to a certain IP with proxychains, would the DNS also be leaked ? How easy would it be to trace back the default tor proxy ?

Answer 1

(default configuration file with tor: socks4 127.0.0.1 9050)

Although Socks4a does, plain Socks4 does not support resolving names (i.e. DNS) at all using the Socks tunnel and it does not help if you tick a Socks5 related checkbox for this. You need to configure a Socks5 proxy instead and then tick this checkbox for resolving hostnames inside the tunnel.

For example, if I were to use an application to send packets to a certain IP with proxychains, would the DNS also be leaked ?

An application which is not aware of the tunnel will in most cases use the local resolver library to do DNS lookups and thus probably bypass the proxy for DNS lookups (i.e. leak). Applications which are aware of the Socks5 proxy and support the feature of Socks5 to do the DNS lookup will not leak.