If you are using SSH to tunnel your web traffic, to keep your information private, you might be vulnerable to a DNS man-in-the-middle attack.  If your DNS requests aren’t tunneled, the operator of the hostile (or locked down) network can still see where you are navigating to on the web when your client makes DNS requests to resolve hostnames to IP addresses.
For these reasons (and for many others), it’s a good idea to tunnel DNS through your SSH tunnel too.  This can be done very easily in Firefox.

In the Firefox URL address bar, enter “about:config“.
In the Filter text field, enter “network.proxy.socks_remote_dns“.
Double-click “network.proxy.socks_remote_dns” to set the value to true.