Proof of Chrome‘s DNS traffic going through the socks proxy setting

Proof of Chrome‘s DNS traffic going through the socks proxy setting

Does Chrome's DNS traffic going through the socks proxy setting?

The answer is Yes, and here is the proof. The basic idea is proxy the traffic of Chrome to a server which have tcpdump opened.

First, suppose we have a remote server that have ssh access, open the terminal and type:

# ssh -D 8080 user@yourserver.com

this will create a socks5 proxy service on port 8080 on our local machine, and of course, log into our server's shell as well, here we use tcpdump to monitor the DNS traffic through our server, the command is:

# tcpdump -nt udp port 53

-n: Don't convert ip address to name
-t: Don't print timestamp

Then we config Chrome to use the socks5 proxy we just created, here I strongly recommend a Chrome Extension called SwitchyOmega, this extension will allow you to config proxy server just for the Chrome itself, so you don't mess up with your system proxy setting.

proxy_setting

when everything is ready, open a new webpage like www.google.com and we will see something rolling down from the tcpdump output.

tcpdump_dns

We can see that the first line is a DNS query for A Record of www.google.com, and the second line follows with the response.

Show Comments