PR-DNSd: Passive-Recursive DNS daemon
Passive-Recursive DNS daemon.
What does it do?
- run as localhost DNS service, to fix your netstat/tcpview/lsof, etc. output
- as enterprise-internal DNS server, to also be able to do meaningful EDR/IR and log analysis
- as cloud service, to also collect Passive DNS data from non-enterprise (home, BYOD, etc.) devices
- hint: you probably want to configure DDoS protection options
- in the cloud as DNS-over-TLS server, to additionally provide private DNS for supporting devices (ex: Android 9’s private DNS setting)
- ex: domain pattern-based firewall/proxy configuration for mobile devices
Running as your own private server for Android9’s Private DNS settings
After appropriate setcap, run:
PR-DNSd -tlslisten :853 -cert YOUR_SERVER_CRT_KEY_PEM -upstream 220.127.116.11:53 -store pr-dnsd
Copyright (c) 2019 Lauri Korts-Pärn