<div dir="ltr">Thanks a lot Sara !!<div><br></div><div>Just wondering whether this functionality (decryption of encrypted DNS query/response packets right inside Wireshark, or by some other means) can be taken up in GetDNSAPI / Stubby in upcoming versions .. Is there a possibility ?<br><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div>Thanks & Regards,</div><div>Mohit Batra</div><div><br></div><div><br></div></div></div></div></div></div><div class="gmail_quote">On Tue, May 30, 2017 at 8:24 PM, Sara Dickinson <span dir="ltr"><<a href="mailto:sara@sinodun.com" target="_blank">sara@sinodun.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="word-wrap:break-word"><div dir="auto" style="word-wrap:break-word"><br><div><blockquote type="cite"><span class="gmail-"><div>On 29 May 2017, at 11:15, Mohit Batra <<a href="mailto:mohit4677@gmail.com" target="_blank">mohit4677@gmail.com</a>> wrote:</div><br class="gmail-m_2974838009497302343Apple-interchange-newline"></span><div><div dir="ltr"><span class="gmail-"><div>Hello Everyone,</div><div><br></div><div>I have compiled / configured Stubby successfully, and I can see encrypted DNS query/response packets on port 853 on Wireshark.</div><div><br></div><div><br></div><div>Now my question is:</div><div><br></div></span><div><b><u>"Is anyone aware of a documented procedure to decrypt encrypted DNS query/response packets inside Wireshark?”</u></b></div></div></div></blockquote><br></div><div>So a good starting point is: <a href="https://wiki.wireshark.org/SSL#Complete_SSL_decryption_walk_through" target="_blank">https://wiki.wireshark.<wbr>org/SSL#Complete_SSL_<wbr>decryption_walk_through</a> which describes the basics of decrypting traffic assuming you are using openssl as a server. </div><div><br></div>From this you can see that you either need access to the private key of the server (works for RSA cipher suites) or to be able to create a SSL key log file from the DNS client (not so easy, not directly supported in Stubby).</div><span class="gmail-HOEnZb"><font color="#888888"><div dir="auto" style="word-wrap:break-word"><br></div><div dir="auto" style="word-wrap:break-word">Sara. </div></font></span></div><br>______________________________<wbr>_________________<br>
Users mailing list<br>
<a href="mailto:Users@getdnsapi.net">Users@getdnsapi.net</a><br>
<a href="https://getdnsapi.net/mailman/listinfo/users" rel="noreferrer" target="_blank">https://getdnsapi.net/mailman/<wbr>listinfo/users</a><br>
<br></blockquote></div><br></div></div></div>