Fincer
/
dns-sinkhole
mirror of https://github.com/Fincer/dns-sinkhole
1
0
Fork 0
Code Issues 0 Projects 0 Releases 0 Wiki Activity
Browse Source

README: add network analysis section

master
Pekka Helenius 5 years ago
committed by GitHub
parent
a764e45719
commit
95a1e90984
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +12
    -0
      README.md

+ 12
- 0
README.md View File

@ -57,6 +57,18 @@ Although DNSCrypt offers blacklist feature, it is not very reliable with large D
---------- ----------
### Detecting malicious network traffic on Android & (embedded) IoT devices
Network analysis is strongly encouraged for mobile phones and (embedded) IoT devices to detect malicious or unwanted connections which are usually taking place without user's knowledge. You can use results of the analysis to build your own DNS sinkhole blacklist for devices or network segments.
You can use `tcpdump` or `wireshark` for network analysis purposes.
Mobile phones: you may consider limiting count of installed applications. More applications you have, more unwanted network traffic may occur.
Be aware that some applications or websites may break if too greedy policy is taken in place. DNS sinkhole works at best with combination of other network filtering/firewall policy applied, as well (application & network/data link layers). Understanding [OSI model](https://en.wikipedia.org/wiki/OSI_model) and/or [TCP/IP protocol stack](https://en.wikipedia.org/wiki/Internet_protocol_suite) helps you to build a proper policy for your network devices.
----------
# License # License
This repository uses MIT license. See [LICENSE](LICENSE) file for details. This repository uses MIT license. See [LICENSE](LICENSE) file for details.

Write Preview
Loading…
Cancel
Save