Date: Sun, 24 Nov 2019 23:02:41 +0700
From: Victor Sudakov <vas@sibptus.ru>
To: freebsd-net@freebsd.org
Subject: Re: Several hosts behind a caching resolver
Message-ID: <20191124160241.GA17008@admin.sibptus.ru>
In-Reply-To: <d726b6af-f731-ae36-9407-87e740ba5a0c@grosbein.net>
References: <20191124123451.GA6593@admin.sibptus.ru> <d726b6af-f731-ae36-9407-87e740ba5a0c@grosbein.net>

Eugene Grosbein wrote:
> >
> > Several hosts of the local network use a FreeBSD server with BIND or
> > local-unbound as a caching resolver. Let's call it "Resolver A."
> > Resolver A forwards all queries to another resolver, e.g. 8.8.8.8 or
> > some other, let's call it "Resolver B."
> >
> > Can the operator of Resolver B figure out how many clients there are
> > behind Resolver A, or obtain any other information about the hosts on
> > the said local network (like their operating system etc)? In other
> > words, does Resolver A effectively anonymize the queries, or is some
> > information about the internal network leaking?
>
> No anonymization via unencrypted DNS.
>
> The query itself reveals most data about clients. Windows OSes send queries
> for MS-specific domains periodically, Android for its domains,
> FreeBSD for pkg.freebsd.org or svn.freebsd.org etc.

This is a good point.

>
> If there are multiple recursive queries for both of MS/Android/MacOS-specific domains,
> this means there are many clients behind this local resolver.

If there are multiple recursive queries for MS domains only, do you think
the operator of Resolver B can tell if there are 10 or 100 MS clients
behind Resolver A?

-- 
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49@fidonet http://vas.tomsk.ru/