Is it possible to check for DNS-leaks on unix server?
up vote
1
down vote
favorite
I run a Ubuntu server where I have a split tunnel for VPN. Which means I have a "normal" connection to the internet for most of my services but also a tunneled connection that only a few services use. My server is in this context the client of the VPN.
I would like to know if I got DNS-leaks on the VPN tunnel. There is websites to test this but can't really use them from the terminal.
How should one solve this issue to be able to confirm if I have DNS-leaks or not?
security dns vpn
asked Dec 7 at 21:53
Jesper.Lindberg
83
add a comment |
up vote
1
down vote
favorite
I run a Ubuntu server where I have a split tunnel for VPN. Which means I have a "normal" connection to the internet for most of my services but also a tunneled connection that only a few services use. My server is in this context the client of the VPN.
I would like to know if I got DNS-leaks on the VPN tunnel. There is websites to test this but can't really use them from the terminal.
How should one solve this issue to be able to confirm if I have DNS-leaks or not?
security dns vpn
asked Dec 7 at 21:53
Jesper.Lindberg
83
What is the split tunnel? Is this the VPN server or is this server a VPN client?
– Tomasz
Dec 7 at 21:59
@Tomasz I'm using the server as a client. Split tunnel = I have "normal" connection to the internet and some serverices/users has connection to internet only via VPN
– Jesper.Lindberg
Dec 7 at 22:20
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I run a Ubuntu server where I have a split tunnel for VPN. Which means I have a "normal" connection to the internet for most of my services but also a tunneled connection that only a few services use. My server is in this context the client of the VPN.
I would like to know if I got DNS-leaks on the VPN tunnel. There is websites to test this but can't really use them from the terminal.
How should one solve this issue to be able to confirm if I have DNS-leaks or not?
security dns vpn
asked Dec 7 at 21:53
Jesper.Lindberg
83
I run a Ubuntu server where I have a split tunnel for VPN. Which means I have a "normal" connection to the internet for most of my services but also a tunneled connection that only a few services use. My server is in this context the client of the VPN.
I would like to know if I got DNS-leaks on the VPN tunnel. There is websites to test this but can't really use them from the terminal.
How should one solve this issue to be able to confirm if I have DNS-leaks or not?
security dns vpn
security dns vpn
asked Dec 7 at 21:53
Jesper.Lindberg
83
asked Dec 7 at 21:53
Jesper.Lindberg
83
edited Dec 7 at 22:24
asked Dec 7 at 21:53
Jesper.Lindberg
83
asked Dec 7 at 21:53
Jesper.Lindberg
83
asked Dec 7 at 21:53
Jesper.Lindberg
83
83
What is the split tunnel? Is this the VPN server or is this server a VPN client?
– Tomasz
Dec 7 at 21:59
@Tomasz I'm using the server as a client. Split tunnel = I have "normal" connection to the internet and some serverices/users has connection to internet only via VPN
– Jesper.Lindberg
Dec 7 at 22:20
add a comment |
What is the split tunnel? Is this the VPN server or is this server a VPN client?
– Tomasz
Dec 7 at 21:59
@Tomasz I'm using the server as a client. Split tunnel = I have "normal" connection to the internet and some serverices/users has connection to internet only via VPN
– Jesper.Lindberg
Dec 7 at 22:20
What is the split tunnel? Is this the VPN server or is this server a VPN client?
– Tomasz
Dec 7 at 21:59
What is the split tunnel? Is this the VPN server or is this server a VPN client?
– Tomasz
Dec 7 at 21:59
@Tomasz I'm using the server as a client. Split tunnel = I have "normal" connection to the internet and some serverices/users has connection to internet only via VPN
– Jesper.Lindberg
Dec 7 at 22:20
@Tomasz I'm using the server as a client. Split tunnel = I have "normal" connection to the internet and some serverices/users has connection to internet only via VPN
– Jesper.Lindberg
Dec 7 at 22:20
add a comment |
3 Answers
3
active
oldest
votes
up vote
0
down vote
If you can set up a reverse SSH tunnel on that server, then you might use a remote web browser with those DNS leak web pages to at least partially test that server. You'd also need to set up a SOCKS 5 proxy on that server and configure your browser to use it on the remote end. There was once a sample script that came with the Perl package that provides Socks, which should be enough for this task. So you need this:
<--------------------------------------------------------->
Internet <--> Server Laptop etc
SSH reverse tunnel <--> SSH
Internet <--> Socks proxy <--> Web browser
answered Dec 7 at 22:56
Tomasz
9,18852964
add a comment |
up vote
0
down vote
You could use wireshark on a separate system and man in the middle yourself. After which, you could look through the logs and see if any of the relevant leaks show up there. This would be simple and should be quite effective.
answered Dec 8 at 2:15
Michael Prokopec
999116
add a comment |
up vote
0
down vote
Another option is using iptables logging, sometimg like
iptables -A OUTPUT -d 1.1.1.1/32 -j accept
iptables -A OUTPUT -j LOG
answered Dec 8 at 2:19
user1133275
2,816519
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f486680%2fis-it-possible-to-check-for-dns-leaks-on-unix-server%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
If you can set up a reverse SSH tunnel on that server, then you might use a remote web browser with those DNS leak web pages to at least partially test that server. You'd also need to set up a SOCKS 5 proxy on that server and configure your browser to use it on the remote end. There was once a sample script that came with the Perl package that provides Socks, which should be enough for this task. So you need this:
<--------------------------------------------------------->
Internet <--> Server Laptop etc
SSH reverse tunnel <--> SSH
Internet <--> Socks proxy <--> Web browser
answered Dec 7 at 22:56
Tomasz
9,18852964
add a comment |
up vote
0
down vote
If you can set up a reverse SSH tunnel on that server, then you might use a remote web browser with those DNS leak web pages to at least partially test that server. You'd also need to set up a SOCKS 5 proxy on that server and configure your browser to use it on the remote end. There was once a sample script that came with the Perl package that provides Socks, which should be enough for this task. So you need this:
<--------------------------------------------------------->
Internet <--> Server Laptop etc
SSH reverse tunnel <--> SSH
Internet <--> Socks proxy <--> Web browser
answered Dec 7 at 22:56
Tomasz
9,18852964
add a comment |
up vote
0
down vote
up vote
0
down vote
If you can set up a reverse SSH tunnel on that server, then you might use a remote web browser with those DNS leak web pages to at least partially test that server. You'd also need to set up a SOCKS 5 proxy on that server and configure your browser to use it on the remote end. There was once a sample script that came with the Perl package that provides Socks, which should be enough for this task. So you need this:
<--------------------------------------------------------->
Internet <--> Server Laptop etc
SSH reverse tunnel <--> SSH
Internet <--> Socks proxy <--> Web browser
answered Dec 7 at 22:56
Tomasz
9,18852964
If you can set up a reverse SSH tunnel on that server, then you might use a remote web browser with those DNS leak web pages to at least partially test that server. You'd also need to set up a SOCKS 5 proxy on that server and configure your browser to use it on the remote end. There was once a sample script that came with the Perl package that provides Socks, which should be enough for this task. So you need this:
<--------------------------------------------------------->
Internet <--> Server Laptop etc
SSH reverse tunnel <--> SSH
Internet <--> Socks proxy <--> Web browser
answered Dec 7 at 22:56
Tomasz
9,18852964
answered Dec 7 at 22:56
Tomasz
9,18852964
answered Dec 7 at 22:56
Tomasz
9,18852964
answered Dec 7 at 22:56
Tomasz
9,18852964
9,18852964
add a comment |
add a comment |
up vote
0
down vote
You could use wireshark on a separate system and man in the middle yourself. After which, you could look through the logs and see if any of the relevant leaks show up there. This would be simple and should be quite effective.
answered Dec 8 at 2:15
Michael Prokopec
999116
add a comment |
up vote
0
down vote
You could use wireshark on a separate system and man in the middle yourself. After which, you could look through the logs and see if any of the relevant leaks show up there. This would be simple and should be quite effective.
answered Dec 8 at 2:15
Michael Prokopec
999116
add a comment |
up vote
0
down vote
up vote
0
down vote
You could use wireshark on a separate system and man in the middle yourself. After which, you could look through the logs and see if any of the relevant leaks show up there. This would be simple and should be quite effective.
answered Dec 8 at 2:15
Michael Prokopec
999116
You could use wireshark on a separate system and man in the middle yourself. After which, you could look through the logs and see if any of the relevant leaks show up there. This would be simple and should be quite effective.
answered Dec 8 at 2:15
Michael Prokopec
999116
answered Dec 8 at 2:15
Michael Prokopec
999116
answered Dec 8 at 2:15
Michael Prokopec
999116
answered Dec 8 at 2:15
Michael Prokopec
999116
999116
add a comment |
add a comment |
up vote
0
down vote
Another option is using iptables logging, sometimg like
iptables -A OUTPUT -d 1.1.1.1/32 -j accept
iptables -A OUTPUT -j LOG
answered Dec 8 at 2:19
user1133275
2,816519
add a comment |
up vote
0
down vote
Another option is using iptables logging, sometimg like
iptables -A OUTPUT -d 1.1.1.1/32 -j accept
iptables -A OUTPUT -j LOG
answered Dec 8 at 2:19
user1133275
2,816519
add a comment |
up vote
0
down vote
up vote
0
down vote
Another option is using iptables logging, sometimg like
iptables -A OUTPUT -d 1.1.1.1/32 -j accept
iptables -A OUTPUT -j LOG
answered Dec 8 at 2:19
user1133275
2,816519
Another option is using iptables logging, sometimg like
iptables -A OUTPUT -d 1.1.1.1/32 -j accept
iptables -A OUTPUT -j LOG
answered Dec 8 at 2:19
user1133275
2,816519
edited Dec 8 at 2:24
answered Dec 8 at 2:19
user1133275
2,816519
answered Dec 8 at 2:19
user1133275
2,816519
answered Dec 8 at 2:19
user1133275
2,816519
2,816519
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f486680%2fis-it-possible-to-check-for-dns-leaks-on-unix-server%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
What is the split tunnel? Is this the VPN server or is this server a VPN client?
– Tomasz
Dec 7 at 21:59
@Tomasz I'm using the server as a client. Split tunnel = I have "normal" connection to the internet and some serverices/users has connection to internet only via VPN
– Jesper.Lindberg
Dec 7 at 22:20