Hello, everybody. DNS cache with all its data, means huge risk factor for computer user. My questions are: - which program, daemon do all DNS cache job? - how could I see data DNS cache? - how could I effectively flush all this data? - how to stop create a new data? How it looks like in Debian Jessie with sysemd? Appreciate any help. Mark.
The DNS cache is a record of domain names converted into IP addresses during Web browsing and similar activities.
So what, you don't trust your own local machine? Do you honestly think that disabling the DNS cache inceases security? A DNS cache is a security benefit, because you then only transmit a DNS request once. Disable your DNS cache and you transmit one every time. If you're being monitored, not only can people see what site you're visiting, they now know how many times you visit it.
It's sad to see a legit question being met by unhelpful [******] replies. Mark, I'm using a debian-derivative without systemd and, AFAIK, package "nscd" (nor "unscd") was not pre-installed. number 1 search result returned by google search query "linux|debian inspect dns cache" is http://unix.stackexchange.com/questions/28553/how-to-read-the-local-dns-cache-contents which mentions (as of 2012) nscd is buggy. By visiting https://packages.debian.org we can enter a package name & the resulting page will display links to bugtracker, etc. Yes, multiple open issues currently still exist for the nscd package. Do you keep track of which among your installed programs are net-aware? If so, do you employ measures like "firejail --nonet programname" to restrict which progs may callout? Of the programs which do (ask to, and are permitted to) callout, which of them involve DNS requests? Typically, on my system, nothing other than the web browser, smtube, and streamtuner2 issue DNS requests. The browser internally caches DNS lookup results; those other apps (based on the traffic I've observed) do not cache. Ironically (considering that you're seeking to disable/purge caching), it's somewhat a PITA to setup/enable caching in the first place https://wiki.debian.org/HowTo/dnsmasq http://askubuntu.com/questions/22750/best-way-to-set-up-dns-caching If you are using TOR, or a VPN client, or dnscrypt, you will need to separately research whether those components individually maintain a DNS cache.
I expect you to refrain from such vulgar wording. Besides, the question itself was legit but its underlying assumption was questioned by elapsed and myself.
Everything I aimed was to see the local DNS's cache content, and make it unaccessible for the others. The good news is, the debian-derivative does not do any OS-level DNS caching. The only problem to solve is webrowser cache and individual application cache maintain. @elapsed Please, be serious.
Your initial hypothesis is incorrect. A discussion based on it will not yield anything meaningful. There's nothing risky in the DNS cache whatsoever. However, if you want to make sure no one knows what you have browsed on your box ... That's a completely different discussion and it involves so much more than your question. Mrk
If DNS cache security is the issue and you use a third party firewall or a AV solution with a configurable firewall, you can do this. Disable the Windows dnscache service. When you do that, for every outbound program that requires an Internet connection, you will have to additionally code a DNS rule; e.g. outbound port 53, UDP, to your DNS server IP address. This is the most secure way to use DNS.
I,am absolutely aware of it, and this answer is not applicable to my question. My aim is extremely simple - reducing DNS_cache as risk factor on my Windows machine. DNS understand as: a\- network traffic (DNSCrypt) b\- DNS_cache on PC: - viewing (ipconfig /displaydns) - flushing (ipconfig /flushdns) - stopping (net stop dnscache) c\- secure DNS provider (if they exists). Basically, I do not like unannounced and curious visitors, thats all.