Any more opinions please if DNS queries leak information about the internal network topology and size to the resolver?
It would be interesting to consider 2 separate cases: 1. The internal network is NATed. 2. The internal network is IPv6 with ipv6_privacy="YES" Victor Sudakov wrote: > Dear Colleagues, > > Several hosts of the local network use a FreeBSD server with BIND or > local-unbound as a caching resolver. Let's call it "Resolver A." > Resolver A forwards all queries to another resolver, e.g. 8.8.8.8 or > some other, let's call it "Resolver B." > > Can the operator of Resolver B figure out how many clients there are > behind Resolver A, or obtain any other information about the hosts on > the said local network (like their operating system etc)? In other > words, does Resolver A effectively anonymize the queries, or is some > information about the internal network leaking? > > -- > Victor Sudakov, VAS4-RIPE, VAS47-RIPN > 2:5005/49@fidonet http://vas.tomsk.ru/ -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/
signature.asc
Description: PGP signature