I sometimes route my Web traffic through ssh using a SOCKS proxy. The purpose is to have all traffic be encrypted.

The way I do it is to open up a terminal and run this...

$ ssh -v -C -N -D 9000 my_own_vps_host.com

And in local machine's network settings I check "SOCKS proxy" and set it to port 9000.

My question is whether my local machine is sending plaintext URLs to the DNS server, or does it send those over the encrypted connection and let the remote server handle the DNS requests?

(My local machine is a Mac if that makes any difference.)

  • What web browser are you using?
    – sciurus
    Commented Sep 21, 2011 at 19:05
  • Usually Chrome. Occasionally Safari.
    – Ethan
    Commented Sep 21, 2011 at 19:06

2 Answers 2


Depending on your browser and setup, DNS queries can go through the proxy, but not always. I'd recommend using something like Wireshark to analyze your traffic and see where the requests are going.


On Firefox, it depends on whether network.proxy.socks_remote_dns is set. Chrome on Windows performs resolution locally.

For a reliable test, install Wireshark and watch for DNS packets.

Note: Full URLs are never sent in plain; only the domain names are.

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .