Skip to content
Branch: master
Find file Copy path
Find file Copy path
1 contributor

Users who have contributed to this file

executable file 54 lines (35 sloc) 1.41 KB

Prevent DNS leaking from Chrome browser on Android phone

  1. Type chrome://flags
  2. search for keyword: async dns
  3. set value to DISABLED
  4. restart Chrome

Your image title


// curl with DoH 
curl -H 'content-type: application/dns-message' -vL -v '' | hexdump -C

curl -H 'content-type: application/dns-message' -vL -v '' | hexdump -C

// Kdig TLS
kdig @2001:19f0:7001:1ded:5400:1ff:fe90:945b +tls
kdig @ +tls -p 443
kdig @ +tls -p 443
kdig @2a01:4f8:1c1c:6b4b::1 +tls

Mac OSX Mojave use Openssl TLS 1.3

brew upgrade
brew install openssl@1.1

// Put openssl tls 1.3 as first choice on zsh, paste it and restart terminal
echo 'export PATH="/usr/local/opt/openssl@1.1/bin:$PATH"' >> ~/.zshrc

// Debug DoH with TLS 1.3
openssl s_client -state -debug -msg -connect -tls1_3

DNSSEC validation test

Use dig to test, this will return with header AD

dig +dnssec +multi

This will failed, should only return a SERVFAIL


You can’t perform that action at this time.