Added a TLDR notice

This commit is contained in:
Dionysus 2024-02-09 11:47:27 -05:00
parent 5c799ee239
commit a3e5a3fef7
Signed by: acidvegas
GPG Key ID: EF4B922DB85DC9DE
2 changed files with 4 additions and 2 deletions

View File

@ -5,6 +5,8 @@ This tool is designed to detect passive DNS servers that are logging DNS queries
The program operates by accepting a list of DNS resolver addresses and a seed value for subdomain generation. It then asynchronously queries each resolver with a dynamically generated subdomain, based on the provided seed, targeting a specific domain. The asynchronous nature of the tool allows for high-throughput and efficient querying, making it suitable for scanning a large number of resolvers in a short period. Users should note that while this tool provides valuable insights into DNS logging practices, it should be used responsibly and in compliance with applicable network and privacy regulations. It serves as a powerful instrument for network administrators, security researchers, and privacy advocates to understand and evaluate the extent of passive DNS logging in their networks or across various resolvers.
#### TLDR; DNS TRAFFIC IS BEING LOGGED GLOBALLY AND SOLD TO THREAT INTEL COMPANIES, WHO THEN PAYWALL THAT DATA. __DO SOMETHING ABOUT IT.__
## How it works
When the program starts, it will generate a unique subdomain for each resolver.
@ -28,7 +30,7 @@ This will return `151.202.0.84`, marking it as a DNS server that is actively log
- [ ] Bind server running accepting wildcard DNS lookups on custom domain.
- [X] Hunt down specific DNS servers used by ISP's from an ASN lookup
- [ ] Any way to apply this to custom DNS servers used by VPNs?
- [ ] Noise generator to abuse known logging servers.
- [X] Noise generator to abuse known logging servers.
This is all very theoretical right now, interested to see how this pans out.

View File

@ -9,4 +9,4 @@ https://mullvad.net/en/help/dns-over-https-and-dns-over-tls
54.225.156.17 ns1.airvpn.org
52.48.66.85 ns2.airvpn.org
dig ANY earth.all.vpn.airdns.org @dns1.airvpn.org +short