I have been researching how to tell if my browser traffic is truly encrypted, so I installed wireshark to view my traffic but I don't see DNS anywhere, but I do see QUIC protocol traffic is encrypted and it's using OPENDNS, so is that my browser traffic? Forgive me if it's a dumb question, I am not very good with networking EDIT: I installed wireshark on my Son's laptop which doesn't have DNSCrypt, and I can see the DNS protocol and it also shows opendns which is weird cause I am using Yandex DNS for him since it has parental control capabilities...I hope i'm not confusing anyone, I would simply like to visually see/confirm that DNSCrypt is working properly.
Thinking out loud while looking over your shoulder... you say you are using DNSCrypt and don't see DNS traffic in the clear (good). OpenDNS supports DNSCrypt, and resolver2.opendns.com [208.67.220.220] looks OK. The DNSCrypt protocol can use UDP on port 443 and that matches. The curious aspect, to me at least, is the protocol being reported as QUIC. Which is a somewhat newish Google proposition and not something I associate with DNSCrypt or find mentioned in https://github.com/jedisct1/dnscrypt-proxy/blob/master/DNSCRYPT-V2-PROTOCOL.txt. Wireshark has to classify traffic and choose how it present it. Sometimes having to distinguish two different protocols which are known to use the same ports and may have other similarities. QUIC is a protocol that uses UDP 443. So my question would be: Is Wireshark misclassifying DNSCrypt protocol as QUIC protocol? A quick search turned up a few others mentioning that their DNSCrypt traffic was reported as QUIC in Wireshark.
Anything where the source address is 192.168.1.13 is traffic originating from your machine. As to whether it's from your browser, I can't say for sure. If you captured immediately after launching your browser, then it probably is your browser's traffic.
Wireshark recognizes UDP traffic to or from port 80 or 443 as being QUIC traffic. QUIC runs over UDP, so QUIC packets are normal UDP packets. http://networkengineering.stackexch...-quic-and-not-udp-during-capture-in-wireshark
Here's some new screens...it shows wilders is encrypted EDIT: I'm thinking the TLS means I'm running in SSL? (which is true) and the QUIC is my browser traffic maybe?