From a3e5a3fef77ab7e9178bce8d72299829115fe92c Mon Sep 17 00:00:00 2001 From: acidvegas Date: Fri, 9 Feb 2024 11:47:27 -0500 Subject: [PATCH] Added a TLDR notice --- README.md | 4 +++- vpn_dns.txt | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 64642a4..b59c372 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,8 @@ This tool is designed to detect passive DNS servers that are logging DNS queries The program operates by accepting a list of DNS resolver addresses and a seed value for subdomain generation. It then asynchronously queries each resolver with a dynamically generated subdomain, based on the provided seed, targeting a specific domain. The asynchronous nature of the tool allows for high-throughput and efficient querying, making it suitable for scanning a large number of resolvers in a short period. Users should note that while this tool provides valuable insights into DNS logging practices, it should be used responsibly and in compliance with applicable network and privacy regulations. It serves as a powerful instrument for network administrators, security researchers, and privacy advocates to understand and evaluate the extent of passive DNS logging in their networks or across various resolvers. +#### TLDR; DNS TRAFFIC IS BEING LOGGED GLOBALLY AND SOLD TO THREAT INTEL COMPANIES, WHO THEN PAYWALL THAT DATA. __DO SOMETHING ABOUT IT.__ + ## How it works When the program starts, it will generate a unique subdomain for each resolver. @@ -28,7 +30,7 @@ This will return `151.202.0.84`, marking it as a DNS server that is actively log - [ ] Bind server running accepting wildcard DNS lookups on custom domain. - [X] Hunt down specific DNS servers used by ISP's from an ASN lookup - [ ] Any way to apply this to custom DNS servers used by VPNs? -- [ ] Noise generator to abuse known logging servers. +- [X] Noise generator to abuse known logging servers. This is all very theoretical right now, interested to see how this pans out. diff --git a/vpn_dns.txt b/vpn_dns.txt index faedd38..3693d60 100644 --- a/vpn_dns.txt +++ b/vpn_dns.txt @@ -9,4 +9,4 @@ https://mullvad.net/en/help/dns-over-https-and-dns-over-tls 54.225.156.17 ns1.airvpn.org 52.48.66.85 ns2.airvpn.org -dig ANY earth.all.vpn.airdns.org @dns1.airvpn.org +short +