
See what each host resolved to in Logs

Currently the logs only show the requester IP (i.e. my IP at the time) and the hostname that my IP requested to be DNS resolved, but not what that hostname resolved to.

For example, favicons.nextdns.io resolves to multiple IPs like this:

104.26.0.148 favicons.nextdns.io
104.26.1.148 favicons.nextdns.io
172.67.72.46 favicons.nextdns.io
2606:4700:20::681a:94 favicons.nextdns.io
2606:4700:20::681a:194 favicons.nextdns.io
2606:4700:20::ac43:482e favicons.nextdns.io
 

So it would be nice if they are logged with the request also, so that if by any chance some DNS poisoning was going on, let's say, then the user would know which hostnames got resolved to what, and when, if looking back at the Logs. Good for security.

However, doing this might not allow you to, in a possible future let's say, allow authorities to, through you (e.g. with your permission or help), temporarily give selective NextDNS users fake DNS IPs, i.e. resolve some hostnames to authorities' IPs, for MITM purposes, because those IPs would be logged, well, unless you also allow them to not log the fake IPs but the real ones (i.e. fake the logs in real time), then yeah that would still work.
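The look-back the post describes, sketched as an added example (not part of the original post and not NextDNS code): it assumes a hypothetical log export in which every entry also carries the answers returned, and flags entries whose answers fall entirely outside the networks previously seen for that hostname. The timestamps, the `192.0.2.10` outlier and the /16 and /32 grouping are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed log records: (UTC timestamp, hostname, answers).
# The "answers" field is hypothetical; it is what the post asks to have logged.
SAMPLE_LOG = [
    ("2024-01-01T10:00:00Z", "favicons.nextdns.io",
     ["104.26.0.148", "104.26.1.148", "2606:4700:20::681a:94"]),
    ("2024-01-01T12:00:00Z", "favicons.nextdns.io",
     ["172.67.72.46", "2606:4700:20::ac43:482e"]),
    ("2024-01-02T09:30:00Z", "favicons.nextdns.io",
     ["104.26.1.148", "2606:4700:20::681a:194"]),
    ("2024-01-02T09:31:00Z", "favicons.nextdns.io",
     ["192.0.2.10"]),  # constructed outlier (TEST-NET-1 documentation range)
]


def network_of(addr):
    """Group an address into a coarse network so normal CDN rotation
    inside one provider block does not look like a change.
    Assumed heuristic: /16 for IPv4, /32 for IPv6."""
    ip = ipaddress.ip_address(addr)
    prefix = 16 if ip.version == 4 else 32
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)


def audit(log):
    """Return entries whose answers share no network with anything
    previously accepted for the same hostname."""
    seen = defaultdict(set)  # hostname -> networks accepted so far
    findings = []
    for ts, host, answers in log:
        nets = {network_of(a) for a in answers}
        if seen[host] and nets.isdisjoint(seen[host]):
            findings.append((ts, host, sorted(answers)))
            continue  # keep flagged networks out of the baseline
        seen[host] |= nets  # first sighting or overlapping answer set
    return findings


if __name__ == "__main__":
    for ts, host, answers in audit(SAMPLE_LOG):
        print(f"{ts} {host} resolved outside known networks: {answers}")
```

A flagged entry is a prompt to compare against an independent resolver, not proof of poisoning, since a provider can legitimately move a hostname to a new address block.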
