nmap DNS leaks
nmap DNS leaks
I never noticed before that nmap scanning a private network 192.168.*.*/* or 10.*.*.*/* using the option n (-Pn or -sn) is querying for the given addresses. It happens on LMDE3 (desktop) and on KALI based on Bullseye (as Virtualbox guest). Can someone explain to me if there is a reason for this? I have also installed DNScrypt-proxy on the desktop and I detect the dns leaks monitoring the traffic with wireshark. TY
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 2 times in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: nmap dns leaks
nmap doing the reverse lookup isn't (necessarily) "a dns leak".
Also, nmap -sn 192.168.0.0/24 is NOT the same as nmap -n -sn [...]
Re: nmap DNS leaks
Thank you for your response. My mistake.
Re: nmap DNS leaks
Mymustache wrote: ⤴Mon Mar 21, 2022 2:24 pm I never noticed before that nmap scanning a private network 192.168.*.*/* or 10.*.*.*/* using the option n (-Pn or -sn) is querying for the given addresses. It happens on LMDE3 (desktop) and on KALI based on Bullseye (as Virtualbox guest). Can someone explain to me if there is a reason for this? I have also installed DNScrypt-proxy on the desktop and I detect the dns leaks monitoring the traffic with wireshark. TY
To secure your DNS nothing better than dnscrypt-proxy2.
Adguard Home also offers the role in charge of dnssec.
Here are some servers offering dnssec public resolver => https://download.dnscrypt.info/resolver ... solvers.md.
Re: nmap DNS leaks
Yes, thank you. It's working for a while like a charm. I just referenced it because I didn't notice that I was missing an option in nmap (ignorance), for easier troubleshooting. However, I still don't understand why nmap is designed to allow dns requests when the private network or private addresses are specified, maybe a choice to keep it simple and lighter?! or... (I prefer to drive manual instead of automatic, maybe it's for the same reason?!)... anyway, I learned the lesson.
Re: nmap DNS leaks
Mymustache wrote: ⤴Mon Mar 21, 2022 4:26 pm I still don't understand why nmap is designed to allow dns requests when the private network or private addresses are specified.
because knowing what host responded (by name) is quite helpful.
Re: nmap DNS leaks
Hi Mymustache,
Welcome to the wonderful world of Linux Mint and its excellent forum!
I just read your post and the good replies to it. Here are my thoughts on this as well.
Although "dnscrypt-proxy" is a good choice for keeping DNS leaks from happening when using a VPN or not using a VPN, there are a couple other options for implementing DNS protection like "DNS over TLS" and "DNS over HTTPS" that you might consider.
I use DNS over TLS (DOT) and the link below is an excellent article on easily setting this up
Configure DNS over TLS on Linux Mint to Protect DNS Privacy
https://www.linuxbabe.com/linux-mint/dn ... tls-stubby
Set Up DNS over HTTPS (DoH) Resolver on Ubuntu with DNSdist
https://www.linuxbabe.com/ubuntu/dns-ov ... tu-dnsdist
Hope this helps ...
Re: nmap DNS leaks
Mymustache wrote: ⤴Mon Mar 21, 2022 4:26 pm I still don't understand why nmap is designed to allow dns requests when the private network or private addresses are specified.
djph wrote: ⤴Mon Mar 21, 2022 8:04 pm because knowing what host responded (by name) is quite helpful.
Yes I understand. I believe it is not wrong or right; it’s more a question of choice and it is related to the use case. My point with that comment was: as a security/networking tool, if the reverse lookup is needed it could be specified, instead of being given at the first (of course that doesn’t excuse my -n mistake). This is more a philosophical debate but I love nmap and I think it’s an excellent tool and I still have a lot to learn about its full capacity.
Re: nmap DNS leaks
phd21 wrote: ⤴Mon Mar 21, 2022 9:36 pm Hi Mymustache,
Welcome to the wonderful world of Linux Mint and its excellent forum!
I just read your post and the good replies to it. Here are my thoughts on this as well.
Although "dnscrypt-proxy" is a good choice for keeping DNS leaks from happening when using a VPN or not using a VPN, there are a couple other options for implementing DNS protection like "DNS over TLS" and "DNS over HTTPS" that you might consider.
I use DNS over TLS (DOT) and the link below is an excellent article on easily setting this up
Configure DNS over TLS on Linux Mint to Protect DNS Privacy
https://www.linuxbabe.com/linux-mint/dn ... tls-stubby
Set Up DNS over HTTPS (DoH) Resolver on Ubuntu with DNSdist
https://www.linuxbabe.com/ubuntu/dns-ov ... tu-dnsdist
Hope this helps ...
Thank you for the links, very useful.
I already used, in a simple way, DoH just on firefox. Then I read about the pros and cons of those solutions and I decided to install DNScrypt-proxy. Maybe I’ll change after installing LMDE5.
Re: nmap DNS leaks
Mymustache wrote: ⤴Mon Mar 21, 2022 4:26 pm I still don't understand why nmap is designed to allow dns requests when the private network or private addresses are specified.
djph wrote: ⤴Mon Mar 21, 2022 8:04 pm because knowing what host responded (by name) is quite helpful.
Mymustache wrote: ⤴Tue Mar 22, 2022 10:15 pm Yes I understand. I believe it is not wrong or right; it’s more a question of choice and it is related to the use case. My point with that comment was: as a security/networking tool, if the reverse lookup is needed it could be specified, instead of being given at the first (of course that doesn’t excuse my -n mistake). This is more a philosophical debate but I love nmap and I think it’s an excellent tool and I still have a lot to learn about its full capacity.
Yeah, the default is (IIRC) to "sometimes" perform the lookup (i.e. "do the lookup if the host at that IP responds"). You can then either disable it entirely (-n) or force it to always lookup (-R).
Note too that nmap is primarily a network discovery tool, and the "security" / "portscan" stuff is bolted on top.
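Added example, not part of the thread and not written by any poster: a check for the traffic the original post describes, run over the text output of tcpdump -n for port 53. It reports every reverse (PTR) lookup for a private address and whether the query went to a resolver outside private address space. The capture lines are constructed, and the function names are hypothetical.

```python
import ipaddress
import re

# Matches a tcpdump -n line for a DNS PTR query, e.g.
# "... IP 192.168.1.10.41234 > 192.168.1.1.53: 4660+ PTR? 5.1.168.192.in-addr.arpa. (42)"
QUERY_RE = re.compile(
    r"IP \d+\.\d+\.\d+\.\d+\.\d+ > (?P<dst>\d+\.\d+\.\d+\.\d+)\.53: "
    r"\d+\S*(?: \[[^\]]*\])? PTR\? (?P<name>\S+?)\.in-addr\.arpa\."
)

def ptr_target(name):
    """Turn '5.1.168.192' (in-addr.arpa label order) back into 192.168.1.5."""
    octets = name.split(".")
    if len(octets) != 4:
        return None  # zone-level names are not single-host lookups
    try:
        return ipaddress.ip_address(".".join(reversed(octets)))
    except ValueError:
        return None

def find_private_ptr_queries(lines):
    """Return (target, resolver, left_private_space) per PTR query about a private IP."""
    findings = []
    for line in lines:
        m = QUERY_RE.search(line)
        if not m:
            continue  # not a PTR query (A/AAAA lookups, responses, other traffic)
        target = ptr_target(m.group("name"))
        if target is None or not target.is_private:
            continue  # reverse lookups of public addresses are out of scope here
        resolver = ipaddress.ip_address(m.group("dst"))
        findings.append((str(target), str(resolver), not resolver.is_private))
    return findings

# Constructed sample capture (not real traffic).
SAMPLE_CAPTURE = [
    "14:24:01.100001 IP 192.168.1.10.41234 > 192.168.1.1.53: 4660+ PTR? 5.1.168.192.in-addr.arpa. (42)",
    "14:24:01.100930 IP 192.168.1.10.41234 > 9.9.9.9.53: 4661+ PTR? 7.0.0.10.in-addr.arpa. (39)",
    "14:24:02.000100 IP 192.168.1.10.50000 > 9.9.9.9.53: 4662+ [1au] A? example.org. (40)",
    "14:24:02.500100 IP 192.168.1.10.50001 > 9.9.9.9.53: 4663+ PTR? 8.8.8.8.in-addr.arpa. (38)",
]

if __name__ == "__main__":
    for target, resolver, left in find_private_ptr_queries(SAMPLE_CAPTURE):
        where = "sent outside private space" if left else "stayed on a private resolver"
        print(f"PTR lookup for {target} -> {resolver}: {where}")
```

A scan run with -n, as discussed above, should produce no findings from this check for the scanned range.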