![]() ![]() A bad guy could, for example, possibly buy the in the address bar (clicking on a bookmark will not cause this). How bad is this? Well, it’s not too bad but it is certainly causing some extra traffic, especially since it depends on caching of (mostly) negative answers. You can see Wireshark’s output for this request below: Good thing is that these negative responses can be cached by your local DNS too so the request does not have to go out every sa’s root server will send back an NXDOMAIN response. When a user is typing in a URL in Chrome’s address bar, Chrome automatically tries to determine if the user typed in a domain and tries to resolve it in the background.įor example, if you type in Chrome’s address bar (as you should, at least once a day :), while typing Chrome will see that isc.sa is a possible domain (.sa = Saudi Arabia) and Chrome will happily send a request for that domain. Chrome actually does quite a bit of extra DNS lookups that some people might not be happy with. This can happen for example also on wireless networks where you have to authenticate through a browser in order to get access to the Internet. ![]() If the owner of the DNS server you use has a wildcard setup, each of these requests will result in a response (which is normally even the same) so Chrome knows that there is someone potentially modifying DNS responses. In a normal setup this results in a “No such name” response from your DNS server, as you can see in the screenshot above. For example, for my system you can see a Wireshark capture below: Chrome does this by issuing 3 DNS requests to randomly generated domain names, for every DNS extension configured. “nasty”ISPs that have wildcard DNS servers to catch all domains). When Chrome is started it will lookup domain names for previously opened web pages early in the startup process so if the user clicks on one of those links Chrome can connect to the target site immediately.Īmong those requests Chrome also tries to find out if someone is messing up with the DNS (i.e. So, in order to speed up browsing Google Chrome does a lot of DNS requests in advance (DNS prefetching – this can be even turned on and off in Chrome’s options). Since I spent some time on this (long) time ago, I decided to pay more attention to Chrome’s DNS request (besides that, this diary might help someone who stumbles upon the same thing in the future). After spending some time he found out that Chrome is sending those requests that he could not explain every time it is started. Couple of days ago one of our readers, Thomas, wrote about weird DNS requests that he is seeing coming from his machine. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |