Si vous êtes sous Windows, vous savez que vous êtes bien connecté au net, parce qu’il n’y a pas de petite icone jaune “warning” dans la barre des tâches, vous informant d’une connexion limitée. Mais comment fait Windows pour le savoir ? Et bien il tente de se connecter au net en allant taper sur http://www.msftncsi.com/ncsi.txt et sur les DNS dns.msftncsi.com (188.8.131.52). NCSI ça veut dire Network Connectivity Status Indicator. …
What is a DNS leak and why should I care?
When using an anonymity or privacy service, it is extremely important that all traffic originating from your computer is routed through the anonymity network. If any traffic leaks outside of the secure connection to the network, any adversary monitoring your traffic will be able to log your activity.
DNS or the domain name system is used to translate domain names such as www.privacyinternational.org into numerical IP addresses e.g. 184.108.40.206 which are required to route packets of data on the Internet. Whenever your computer needs to contact a server on the Internet, such as when you enter a URL into your browser, your computer contacts a DNS server and requests the IP address. Most Internet service providers assign their customers a DNS server which they control and use for logging and recording your Internet activities.
Under certain conditions, even when connected to the anonymity network, the operating system will continue to use its default DNS servers instead of the anonymous DNS servers assigned to your computer by the anonymity network. DNS leaks are a major privacy threat since the anonymity network may be providing a false sense of security while private data is leaking.
via DNS leak test.
a fail2ban GUI powered by fail2rest
fail2ban allows you to administer the following
- Failregex – Delete and add new failregexes
- Banned IPs – Ban and Unban IP address
- Per Jail Config – Configure find time, max retry and usedns per jail, and view the filelist per jail
with the following features planned in the future
- Reporting – Expose the time that an IP address was banned, and show trends via visualizations
- Alerting – Desktop notification when an IP address is banned
- Regex Testing – Testing ignore+fail regexes on your current logs to quickly build and debug regexes
- More Jail Controls – Create new jails and expose more settings for current jails