[ooni-dev] Detection of DNS used by probe

Clodo clodo at clodo.it
Tue Jul 14 13:59:34 UTC 2015



Hi, I recently did some maintenance on a website called ipleak.net.
I added a JSON/API feature, and I think it can be useful in an OONI probe
to detect DNS spoofing/injection.

For example, fetch this (change the third-level domain to a random hash):

https://a_long_random_hash_for_every_request.ipleak.net?mode=json

The domain is resolved by the ISP; their DNS query asks our
authoritative server to resolve the random domain,
our server collects the IP address of the latest ISP DNS that requested
the domain and reports it in the HTTP response.

Note that if the ISP has more than one DNS server (load balancing), doing
multiple requests (each with a new hash) can return many DNS IPs.

For example, here in Italy it doesn't matter if I try to use Google DNS
8.8.8.8; my ISP (Vodafone) always does a 'Transparent DNS': they capture
any request over port 53 and redirect it to their DNS.
If a country does the same thing for censorship reasons, you can detect
it with this technique.

If this feature is interesting for OONI, feel free to use it on
ipleak.net through our API.

Otherwise, if you prefer to implement it yourself, I'm here for free
support.
You need a domain with an NS record that points to a server you control
(authoritative DNS), a bind9, a named pipe between bind9 and a script,
and a wildcard SSL certificate if you want everything under SSL.

Ciao!
Clodo
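
The server side of the setup described in the message above, as an added example that is not part of the original post and not ipleak.net's code: it reads BIND 9 query-log lines (as a script on the named pipe would) and maps each random label to the resolver IPs that asked the authoritative server for it. The zone `probe.example`, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
import secrets
from collections import defaultdict

ZONE = "probe.example"  # assumption: placeholder zone delegated to your own NS

# BIND 9 query log: "client [@0x<ptr>] <ip>#<port> (<qname>): query: ..."
QUERY_RE = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+ "
    r"\((?P<qname>[^)]+)\): query: "
)

def new_label():
    """Fresh random third-level label, so no cache can answer for it."""
    return secrets.token_hex(16)

def resolvers_by_label(log_lines, zone=ZONE):
    """Map each single-label name under `zone` to the resolver IPs that queried it."""
    suffix = "." + zone.lower()
    seen = defaultdict(set)
    for line in log_lines:
        m = QUERY_RE.search(line)
        if not m:
            continue  # not a query-log line
        qname = m.group("qname").lower().rstrip(".")
        if not qname.endswith(suffix):
            continue  # query for some other zone
        label = qname[: -len(suffix)]
        if label and "." not in label:
            seen[label].add(m.group("ip"))
    return seen

def resolvers_for_probe(log_lines, labels, zone=ZONE):
    """Union of resolver IPs over all labels one probe requested.
    More than one IP means the network spreads queries over several resolvers."""
    seen = resolvers_by_label(log_lines, zone)
    found = set()
    for label in labels:
        found |= seen.get(label.lower(), set())
    return found

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    "14-Jul-2015 13:59:01.120 queries: info: client 198.51.100.7#40211 (3f9a1c.probe.example): query: 3f9a1c.probe.example IN A -ED (203.0.113.53)",
    "14-Jul-2015 13:59:02.004 queries: info: client 198.51.100.9#51800 (b27e44.probe.example): query: b27e44.probe.example IN A -ED (203.0.113.53)",
    "14-Jul-2015 13:59:02.310 queries: info: client @0x7f3c2c0a1b10 2001:db8::53#3342 (b27e44.probe.example): query: b27e44.probe.example IN AAAA -ED (203.0.113.53)",
    "14-Jul-2015 13:59:03.500 queries: info: client 192.0.2.200#5353 (www.unrelated.example): query: www.unrelated.example IN A -ED (203.0.113.53)",
]
```

A probe that configured a public resolver but whose labels are all requested from addresses inside its own ISP's network is seeing the port 53 redirection the message describes; deciding which addresses belong to which operator is left to the caller.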

