[getdns-users] Procedure to decrypt encrypted DNS query/response packets inside Wireshark ?

Mohit Batra mohit4677 at gmail.com
Thu Jun 1 11:04:23 UTC 2017

Thanks a lot Sara !!

Just wondering whether this functionality (decryption of encrypted DNS
query/response packets right inside Wireshark, or by some other means) can
be taken up in GetDNSAPI / Stubby in upcoming versions .. Is there a
possibility ?

Thanks & Regards,
Mohit Batra

On Tue, May 30, 2017 at 8:24 PM, Sara Dickinson <sara at sinodun.com> wrote:

> On 29 May 2017, at 11:15, Mohit Batra <mohit4677 at gmail.com> wrote:
> Hello Everyone,
> I have compiled / configured Stubby successfully, and I can see encrypted
> DNS query/response packets on port 853 on Wireshark.
> Now my question is:
> *"Is anyone aware of a documented procedure to decrypt encrypted DNS
> query/response packets inside Wireshark?”*
> So a good starting point is: https://wiki.wireshark.org/SSL#Complete_SSL_
> decryption_walk_through which describes the basics of decrypting traffic
> assuming you are using openssl as a server.
> From this you can see that you either need access to the private key of
> the server (works for RSA cipher suites) or to be able to create a SSL key
> log file from the DNS client (not so easy, not directly supported in
> Stubby).
> Sara.
> _______________________________________________
> Users mailing list
> Users at getdnsapi.net
> https://getdnsapi.net/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.getdnsapi.net/pipermail/users/attachments/20170601/f922785f/attachment.htm>

More information about the Users mailing list