Lab: Installing DNSCrypt and Capturing the Encrypted Traffic
DNSCrypt is a protocol that authenticates communications between a DNS client and a DNS resolver. It prevents DNS spoofing. It uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven’t been tampered with. (https://dnscrypt.info)
Please read the DNSCrypt article before starting this lab: https://www.opendns.com/about/innovations/dnscrypt
There are many implementations of DNSCrypt; they are listed at https://dnscrypt.info/implementations
For this lab, you are free to install any implementation on your physical or virtual workstation.
Alternatively, you can follow the YogaDNS installation steps that are given on this page. You will need Windows 7, 8, or 10 to complete this lab.
Instructions:
Take screenshots of steps 5, 8, and 11.
1) YogaDNS does not harm your computer. It is a small program, and its installation and uninstallation are quite straightforward. You can install it on your Windows workstation and continue to use it for better DNS security. If you don’t want to install it on your physical Windows workstation or you don’t have a Windows workstation:
a. Download and Install VirtualBox
https://www.virtualbox.org/wiki/Downloads
b. Download and configure the Windows 10 virtual image: https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/
2) Download and install Wireshark on your Windows computer
https://www.wireshark.org/download.html
3) Start capturing traffic in Wireshark
4) Enter this display filter in Wireshark: udp.dstport == 53
5) Open the Edge browser, visit any website you want, and observe the cleartext DNS queries on UDP port 53
6) Download and install YogaDNS on your Windows computer
https://yogadns.com/download/
7) Run YogaDNS
8) Click Configuration > DNS Servers > Edit in YogaDNS
9) Note the IP address of the DNS server, which is 8.8.8.8 (DNSCrypt resolver)
10) Visit any website other than the one you typed in step 5 and observe that there is no DNS traffic on UDP port 53 (previous queries are cached by the operating system)
11) Replace the previous filter with this one in Wireshark: ip.addr == 8.8.8.8 and see the TLS packets. Visit other websites and see new TLS packets.
12) Right-click any TLS or TCP packet in Wireshark and click Follow > TCP Stream. See that the DNS traffic is encrypted.
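The two Wireshark display filters used in steps 4 and 11 can also be applied offline to a capture, which is useful for checking the "before" and "after" states of this lab without clicking through the GUI. The script below is an added example and is not part of the lab or of YogaDNS. It assumes the capture was exported with tshark's standard `-T fields` output (the command is shown in a comment; the capture file name is a placeholder), and the two packet listings embedded in it are constructed samples, not real captures. It reproduces `udp.dstport == 53` and `ip.addr == 8.8.8.8` as Python predicates and reports any query names that still travel in cleartext, which is the observation the lab asks for in steps 5 and 10. The check does not depend on which encrypted transport the resolver uses; it only looks for cleartext queries on UDP port 53 and TLS traffic to the configured resolver address.

```python
# Added example (not from the lab page): apply the lab's two Wireshark filters
# to a tshark field export and report whether DNS still leaks in cleartext.
#
# Assumed export command (standard tshark field names; the file name is a placeholder):
#   tshark -r capture.pcapng -T fields -E separator=/t \
#          -e frame.number -e ip.src -e ip.dst -e udp.dstport -e tcp.dstport \
#          -e _ws.col.Protocol -e dns.qry.name
from dataclasses import dataclass
from typing import List, Optional, Tuple

RESOLVER = "8.8.8.8"  # resolver address configured in YogaDNS (step 9)

# Constructed sample, step 5 (before YogaDNS): a cleartext query to the local
# resolver, its response, then the HTTPS connection to the website itself.
BEFORE_YOGADNS = """\
1\t10.0.2.15\t10.0.2.3\t53\t\tDNS\twww.example.com
2\t10.0.2.3\t10.0.2.15\t52431\t\tDNS\twww.example.com
3\t10.0.2.15\t93.184.216.34\t\t443\tTCP\t
"""

# Constructed sample, steps 10-11 (after YogaDNS): only a TLS session to the
# resolver, followed by the HTTPS connection to the website. No UDP/53 at all.
AFTER_YOGADNS = """\
1\t10.0.2.15\t8.8.8.8\t\t443\tTCP\t
2\t10.0.2.15\t8.8.8.8\t\t443\tTLSv1.3\t
3\t8.8.8.8\t10.0.2.15\t\t49730\tTLSv1.3\t
4\t10.0.2.15\t8.8.8.8\t\t443\tTLSv1.3\t
5\t10.0.2.15\t93.184.216.34\t\t443\tTCP\t
"""


@dataclass
class Packet:
    number: int
    src: str
    dst: str
    udp_dstport: Optional[int]
    tcp_dstport: Optional[int]
    protocol: str
    qname: str


def parse_export(text: str) -> List[Packet]:
    """Parse tab-separated 'tshark -T fields' lines; empty fields become None or ''."""
    packets = []
    for line in text.splitlines():
        if not line.strip():
            continue
        num, src, dst, udp_dp, tcp_dp, proto, qname = line.split("\t")
        packets.append(Packet(int(num), src, dst,
                              int(udp_dp) if udp_dp else None,
                              int(tcp_dp) if tcp_dp else None,
                              proto, qname))
    return packets


def udp_dstport_53(packets: List[Packet]) -> List[Packet]:
    """Equivalent of the Wireshark filter: udp.dstport == 53"""
    return [p for p in packets if p.udp_dstport == 53]


def ip_addr(packets: List[Packet], addr: str) -> List[Packet]:
    """Equivalent of the Wireshark filter: ip.addr == <addr>"""
    return [p for p in packets if addr in (p.src, p.dst)]


def check_dns_protection(packets: List[Packet],
                         resolver: str = RESOLVER) -> Tuple[List[str], List[Packet]]:
    """Return (cleartext query names, TLS packets exchanged with the resolver).
    Once the encrypted resolver is in use the first list should be empty and the
    second non-empty; a non-empty first list means some query still leaked."""
    leaks = sorted({p.qname for p in udp_dstport_53(packets) if p.qname})
    encrypted = [p for p in ip_addr(packets, resolver) if p.protocol.startswith("TLS")]
    return leaks, encrypted


if __name__ == "__main__":
    for label, sample in (("before", BEFORE_YOGADNS), ("after", AFTER_YOGADNS)):
        leaks, encrypted = check_dns_protection(parse_export(sample))
        print(f"{label}: cleartext queries={leaks}, TLS packets to {RESOLVER}={len(encrypted)}")
```

Run it against your own export by replacing the embedded samples with the contents of the tshark output file; a query name appearing in the "after" run is a sign that some application on the workstation is bypassing the configured resolver.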