Added a TLDR notice
This commit is contained in:
parent
5c799ee239
commit
a3e5a3fef7
@ -5,6 +5,8 @@ This tool is designed to detect passive DNS servers that are logging DNS queries
|
|||||||
|
|
||||||
The program operates by accepting a list of DNS resolver addresses and a seed value for subdomain generation. It then asynchronously queries each resolver with a dynamically generated subdomain, based on the provided seed, targeting a specific domain. The asynchronous nature of the tool allows for high-throughput and efficient querying, making it suitable for scanning a large number of resolvers in a short period. Users should note that while this tool provides valuable insights into DNS logging practices, it should be used responsibly and in compliance with applicable network and privacy regulations. It serves as a powerful instrument for network administrators, security researchers, and privacy advocates to understand and evaluate the extent of passive DNS logging in their networks or across various resolvers.
|
The program operates by accepting a list of DNS resolver addresses and a seed value for subdomain generation. It then asynchronously queries each resolver with a dynamically generated subdomain, based on the provided seed, targeting a specific domain. The asynchronous nature of the tool allows for high-throughput and efficient querying, making it suitable for scanning a large number of resolvers in a short period. Users should note that while this tool provides valuable insights into DNS logging practices, it should be used responsibly and in compliance with applicable network and privacy regulations. It serves as a powerful instrument for network administrators, security researchers, and privacy advocates to understand and evaluate the extent of passive DNS logging in their networks or across various resolvers.
|
||||||
|
|
||||||
|
#### TLDR; DNS TRAFFIC IS BEING LOGGED GLOBALLY AND SOLD TO THREAT INTEL COMPANIES, WHO THEN PAYWALL THAT DATA. __DO SOMETHING ABOUT IT.__
|
||||||
|
|
||||||
## How it works
|
## How it works
|
||||||
When the program starts, it will generate a unique subdomain for each resolver.
|
When the program starts, it will generate a unique subdomain for each resolver.
|
||||||
|
|
||||||
@ -28,7 +30,7 @@ This will return `151.202.0.84`, marking it as a DNS server that is actively log
|
|||||||
- [ ] Bind server running accepting wildcard DNS lookups on custom domain.
|
- [ ] Bind server running accepting wildcard DNS lookups on custom domain.
|
||||||
- [X] Hunt down specific DNS servers used by ISP's from an ASN lookup
|
- [X] Hunt down specific DNS servers used by ISP's from an ASN lookup
|
||||||
- [ ] Any way to apply this to custom DNS servers used by VPNs?
|
- [ ] Any way to apply this to custom DNS servers used by VPNs?
|
||||||
- [ ] Noise generator to abuse known logging servers.
|
- [X] Noise generator to abuse known logging servers.
|
||||||
|
|
||||||
This is all very theoretical right now, interested to see how this pans out.
|
This is all very theoretical right now, interested to see how this pans out.
|
||||||
|
|
||||||
|
@ -9,4 +9,4 @@ https://mullvad.net/en/help/dns-over-https-and-dns-over-tls
|
|||||||
|
|
||||||
54.225.156.17 ns1.airvpn.org
|
54.225.156.17 ns1.airvpn.org
|
||||||
52.48.66.85 ns2.airvpn.org
|
52.48.66.85 ns2.airvpn.org
|
||||||
dig ANY earth.all.vpn.airdns.org @dns1.airvpn.org +short
|
|
||||||
|
Loading…
Reference in New Issue
Block a user