12-13-2020, 01:47 PM
(This post was last modified: 12-13-2020, 02:00 PM by PronoLeaks.)
Hi, just 20 mins ago, I found out about this project and it looks super interesting! I think I am going to try it now on a 3b+ laying around. I had a question tho. How does this box handle hard-coded queries? Like IPs and DNS?
This is a problem I had trouble getting my head around when using similar installations / setups such as keexybox.
Is this allowing for having access to a full monitoring report? (filtered maybe). I mean not only graphs but lists of outgoing queries made by my devices and their protocols? (sorry if I am not that clear, I am not an expert). I am hoping that this project helps me reveal potential suspicious traffic made by devices.
I guess an example or two would be best. So let's say the UniFi Dream Machine, it has been suspected to "phone home" without user knowledge before and, so far, I haven't seen someone showing test results about that.
One more example, Android devices using hard-coded DNS to send data even if a user is trying to prevent this (which apparently bypasses user's attempts to block those). Again all speculations, at least to me. And I like to test stuff so, would this be a proper project / box for me to do that kind of investigation?
I know some tools that might already do this but I am not that great when it comes to networking yet. Still learning some basics...
Anyways, I figured I'd ask and worst case, it'll be a suggestion for you guys / gals.
Edit:
Hmm funny that I had to make this post right before finally finding good info about this topic. Usually I wasn't able to get much out of my searches hehe. Here, this is what I mean. (idk how trustworthy this info is but it does describe well what I was trying to say)
https://labzilla.io/blog/force-dns-pihole