-
Notifications
You must be signed in to change notification settings - Fork 40
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Leaks DNS server on Mull Browser (android) #142
Comments
FoxyProxy does not handle the DNS. All DNS queries are handled by the browser and therefore it is a browser issue. The DNS leak issues have been reported to Firefox and it is due to be sorted. |
wow, did not know this, thanks. Pretty amazing that such a major functionality on a privacy focused browser is leaking for so long! |
Instead of creating a new issue on here I'm just responding to this because it's relevant.... Why does FoxyProxy have an option to toggle |
@hazeyez |
@erosman understood thanks for that info. are you willing to help guide me/us in how to get firefox configged so that dns doesnt leak when using foxyproxy? i'm aware of the firefox network settings, |
@hazeyez DNS leak usually is not a major security concern. It is only visible if a server administrator monitors DNS queries. Furthermore, both systems and browsers cache DNS so the request is usually made once. If you point out the exact circumstance where a leak occurs, there might be some workaround until the issue is sorted by Firefox. Administrators often monitor port 53 for DNS queries. If you are able to use other ports e.g. OpenDNS port 5353, that would prevent DNS logging. |
I use Firefox, and I get the same problem (DNS leaking, according to this page) when I use FoxyProxy attached to one of my Firefox Multi-User Containers. Specifically, I see the correct DNS server, as well as my browser's DNS servers (all together). I don't get that problem when using the browser's main SOCKS 5 settings instead of FoxyProxy's. Should I report this on Firefox's bugtracker? |
I think they already have enough data on that bug tracker. It might complicate the matter to add proxy WebExtension API into the mix. Please also note that both browser and the system cache DNS responses. Therefore, testing must be done after a complete restart and/or after flushing the DNS cache of both. |
Noted. However strace shows me that my computer's DNS servers are accessed when they shouldn't (as opposed to what happens when I set browser's normal SOCKS 5 settings). |
Is that for the domain that is being proxied? For example, when using the proxy When using patterns for |
I don't know it it's for the domain being proxied, because the lines in strace were truncated for some reason (and I don't know how to un-truncate this output). But approximately half of the many requests being made during my visit to https://www.dnscheck.tools/ were to my DNS servers port 53 They were many. My computer's DNS servers are declared numerically in etc/resolv.conf. |
Website tools use JavaScript and fetch API which is a totally different layer than the proxy API. When I tested, the data doesn't have any direct correlation to my configuration. In order to test DNS request, you would need to use a network protocol analyzer installed on your computer (e.g. WireShark or similar). |
I don't get it - is it possible that my DNS does not leak, while the website tools website (dnscheck.tools) displays my computer's DNS servers? |
Ok I'll check wireshark, too |
https://f-droid.org/en/packages/us.spotco.fennec_dos/
one of the more popular gecko based android choices for privacy folks
if I go to ipleak.net with a simple socks5 configured in foxy proxy, it detects both my system DNS and my socks proxy's DNS.
yes I have ProxyDNS enabled on the proxy config
no i dont have any special filtering
foxyproxy/firefox-extension#141
i am also aware of the above issue but whether i enable or disable the Unclock option in uBlock, it still leaks DNS
i also tried disabled uBlock altogether and also tried disabled Encrypted Client Hello ECH, but those didnt work either, so i think this is a foxy proxy issue
The text was updated successfully, but these errors were encountered: