DNScope.io

Developed or developing a new product in PureBasic? Tell the world about it.
User avatar
ChrisR
Addict
Addict
Posts: 1127
Joined: Sun Jan 08, 2017 10:27 pm
Location: France

Re: DNScope.io

Post by ChrisR »

Great, it does the job well 8)
I get the warning with uBlock the 1st time I access it. It improves the layout a bit also.

Image
User avatar
idle
Always Here
Always Here
Posts: 5039
Joined: Fri Sep 21, 2007 5:52 am
Location: New Zealand

Re: DNScope.io

Post by idle »

It might have just been luck on my part as I got the ads and warning after I unblocking a couple of the blocked domains, it's not consistent behavior though. As I refresh the page, sometimes the ads disappear and other times they appear.
They may be cycling through the sub domains to fetch the adds but they're 1st party adds so I won't be able to reliably block them. All I'll be doing is blocking the functionality.

This is what You tube is doing at the moment and there are discussions on it. I can block the 3rd party ads but by blocking the 1st party ads it just stalls the stream.

While I'm using the same starting source of block lists that ublock and adgaurd use, my methods are a little different and I only check the blooms if the result of my method is unblocked. The blocklists are mostly zombies domains and just wasting space, for instance I reprocessed a small list with ~20,000 urls only 300 of them were still active, so out of the 800k (I haven't actually counted them) there's probably only ~12k active but it would take ~160 hours to reprocess at the drip feed rate I'm reprocessing them at and god knows what the DNS servers upstream would think is going on if I let it rip, I fear I will trigger some detrimental response if I flood them with requests.

I've added a link in the OP for a direct download of the zip. see the read me for details. any questions ask.
https://dnscope.io/idlefiles/DNScope_0_7_0_a.zip
User avatar
jacdelad
Addict
Addict
Posts: 1431
Joined: Wed Feb 03, 2021 12:46 pm
Location: Planet Riesa
Contact:

Re: DNScope.io

Post by jacdelad »

idle wrote: Fri Sep 23, 2022 9:29 pm The cached responses take ~0.0005 seconds or around 5 micro seconds the difference is quite noticeable.
Just to add, 0.0005 seconds is 500 microseconds. But it's hella fast.

However, I'm new to this, so please excuse my surely simple question: I use adblockers in my browsers, on my phone and on my router. The one in the router applies to my whole network, sure. The one in the browser only to my browser, clear. The one on my phone my whole phone, also clear.
Can I use DNScope.io to affect my whole network? How do I do this, I can't run it on my router. I know a lot of people talk about things like "run pihole on a Raspi", yeah great, but where do I put it? Between router and modem?
PureBasic 6.04/XProfan X4a/Embarcadero RAD Studio 11/Perl 5.2/Python 3.10
Windows 11/Ryzen 5800X/32GB RAM/Radeon 7770 OC/3TB SSD/11TB HDD
Synology DS1821+/36GB RAM/130TB
Synology DS920+/20GB RAM/54TB
Synology DS916+ii/8GB RAM/12TB
User avatar
idle
Always Here
Always Here
Posts: 5039
Joined: Fri Sep 21, 2007 5:52 am
Location: New Zealand

Re: DNScope.io

Post by idle »

jacdelad wrote: Sat Sep 24, 2022 6:11 am
idle wrote: Fri Sep 23, 2022 9:29 pm The cached responses take ~0.0005 seconds or around 5 micro seconds the difference is quite noticeable.
Just to add, 0.0005 seconds is 500 microseconds. But it's hella fast.

However, I'm new to this, so please excuse my surely simple question: I use adblockers in my browsers, on my phone and on my router. The one in the router applies to my whole network, sure. The one in the browser only to my browser, clear. The one on my phone my whole phone, also clear.
Can I use DNScope.io to affect my whole network? How do I do this, I can't run it on my router. I know a lot of people talk about things like "run pihole on a Raspi", yeah great, but where do I put it? Between router and modem?
yes 500 micro seconds does sound right, the response time is ~half a milli second, it's not really fast at all but since it's on the wire, maybe it's ok. It will be much quicker once it's fully threaded the windows event loop is still a significant jitter in the over all time until I'm satisfied it's fully thread safe.

Maybe I'm late to the game but I'm not aware of any tools that you can install on your router.

Yes you can easily use it to filter your LAN traffic, if your router lets you specify the address of the DNS to use. All you need to do is set up your PC with a static IP and then direct the DNS traffic to that IP address and set the secondary address to an external IP like 1.1.1.1, so the LAN traffic will loops back to your PC on the static IP, and it will then filter all the LAN traffic and should you turn the PC off the traffic will use the secondary DNS you specified. it might slow it down a little in that case but I haven't really spent much time experimenting with it.

just be aware that the cache prefetch isn't done yet so you will get occasional interruptions once the TTL has passed. that's the next bit I'm doing, I need to add in a ring buffer to queue the lookups to renew your domain list before it expires. It's quite a lot of work.
User avatar
jacdelad
Addict
Addict
Posts: 1431
Joined: Wed Feb 03, 2021 12:46 pm
Location: Planet Riesa
Contact:

Re: DNScope.io

Post by jacdelad »

My router has a built-in malware and adware protection. Works quite well, but hasn't been updated for 3 years.

I'm currently using 1.1.1.2 and 1.0.0.2, so if I plug a Raspi into my router, run DNScope, give it a static address and change the DNS in the router to <Raspi> and 1.1.1.2 it'll work for my whole network?
PureBasic 6.04/XProfan X4a/Embarcadero RAD Studio 11/Perl 5.2/Python 3.10
Windows 11/Ryzen 5800X/32GB RAM/Radeon 7770 OC/3TB SSD/11TB HDD
Synology DS1821+/36GB RAM/130TB
Synology DS920+/20GB RAM/54TB
Synology DS916+ii/8GB RAM/12TB
User avatar
idle
Always Here
Always Here
Posts: 5039
Joined: Fri Sep 21, 2007 5:52 am
Location: New Zealand

Re: DNScope.io

Post by idle »

jacdelad wrote: Sat Sep 24, 2022 7:03 am My router has a built-in malware and adware protection. Works quite well, but hasn't been updated for 3 years.

I'm currently using 1.1.1.2 and 1.0.0.2, so if I plug a Raspi into my router, run DNScope, give it a static address and change the DNS in the router to <Raspi> and 1.1.1.2 it'll work for my whole network?
Scopes up is currently x64 windows only and only tested on windows 11. Technically It will work on all 64 bit platforms supported by PB but not until I've backported the x64 asm to plane c, I got as far as porting the asm to suit gcc inline asm but I still need to provide either plain PB or c alternatives to the core structures.
User avatar
jacdelad
Addict
Addict
Posts: 1431
Joined: Wed Feb 03, 2021 12:46 pm
Location: Planet Riesa
Contact:

Re: DNScope.io

Post by jacdelad »

Ah I see. Running a Windows PC in background is not efficient (at least as far as I know), so finally porting it to Raspi seems like a logical step to me. Just saying.
PureBasic 6.04/XProfan X4a/Embarcadero RAD Studio 11/Perl 5.2/Python 3.10
Windows 11/Ryzen 5800X/32GB RAM/Radeon 7770 OC/3TB SSD/11TB HDD
Synology DS1821+/36GB RAM/130TB
Synology DS920+/20GB RAM/54TB
Synology DS916+ii/8GB RAM/12TB
User avatar
idle
Always Here
Always Here
Posts: 5039
Joined: Fri Sep 21, 2007 5:52 am
Location: New Zealand

Re: DNScope.io

Post by idle »

I think it's a lot simpler to use windows. The only configuration you need to do to use it LAN wide is to set up a static ip and forward the dns. setting up a pi to act as a router is a lot more work, it will happen eventually and it will be a good showcase for pb code but efficiency wise consider this the bloom filter implementation lookup is capable of processing the entire .com space in a second if it was maxed out across all cores on my desktop that would be 150,000,000 look ups per second. It's insanely fast and I doubt you'd find a faster bloom filter anywhere.
User avatar
jacdelad
Addict
Addict
Posts: 1431
Joined: Wed Feb 03, 2021 12:46 pm
Location: Planet Riesa
Contact:

Re: DNScope.io

Post by jacdelad »

Sure. But energy prices are high in Germany...and still rising.
PureBasic 6.04/XProfan X4a/Embarcadero RAD Studio 11/Perl 5.2/Python 3.10
Windows 11/Ryzen 5800X/32GB RAM/Radeon 7770 OC/3TB SSD/11TB HDD
Synology DS1821+/36GB RAM/130TB
Synology DS920+/20GB RAM/54TB
Synology DS916+ii/8GB RAM/12TB
User avatar
idle
Always Here
Always Here
Posts: 5039
Joined: Fri Sep 21, 2007 5:52 am
Location: New Zealand

Re: DNScope.io

Post by idle »

Lol yes we'll I run on solar and it not much more than a light bulb. A pi version will be the next target it will be a good showcase for pb code.
User avatar
tj1010
Enthusiast
Enthusiast
Posts: 621
Joined: Mon Feb 25, 2013 5:51 pm
Location: US or Estonia
Contact:

Re: DNScope.io

Post by tj1010 »

ARP table filtering, DNS cache validation, and something to detect BGP hijacking would be nice

How do you block telemetry besides registry modding on Windows 10 and 11? It's all wrapped in TLS using shared domains. I think Windows 10 and 11 have like four different telemetry systems too...
The truth hurts.
User avatar
idle
Always Here
Always Here
Posts: 5039
Joined: Fri Sep 21, 2007 5:52 am
Location: New Zealand

Re: DNScope.io

Post by idle »

It works for the telemetry and stops the annoying adds on the desktop. Even if the telemetry is running over TLS it should still make a DNS request unless its got a static IP to connect to but I doubt it does that. It blocks at least a dozen telemetry urls and calls to update. As for cache validation I'm not sure how I'll go about that yet and I haven't even thought about arp tables or bgp hijacking, it would make sense to look into it given how most people have dozens of wifi overlaps but hat's like another product of itself.

I've still got to work on the prefetch to the keep the cache up to date and then work out how to handle ipv6 before addressing dnssec or switching to https but that also requires the user to choose a service and I don't intend to provide that yet. I do already have measures in place to address DNS spoofing or cache poisoning, they will be put in place but they aren't operational at this stage and once I enable https the risk will more or less go away.

I would suggest to people to set their routers to use dnssec if they're worried about the security, but when browser run DNS over https it isn't just about security in my opinion, its more about adding a layer of accountability and it provides a very convenient means to facilitate auditing, tracking and censorship. One of the main aims of dnscope.io is to get around censorship and geo blocking.
User avatar
idle
Always Here
Always Here
Posts: 5039
Joined: Fri Sep 21, 2007 5:52 am
Location: New Zealand

Re: DNScope.io

Post by idle »

updated to 0.7.1 alpha
It now includes 3.5 million domain names in the block lists which has bloated the exe to 2,968kb OMG! :shock:
I have also attempted to make it lock free with atomics.
https://dnscope.io/idlefiles/DNScope_0_7_1_a.zip
in case you want to try it.


and my bad humor, lets hope it doesn't happen.

Code: Select all

EnableExplicit 

InitSprite()
InitKeyboard() 
InitMouse() 

Global font = LoadFont(#PB_Any,"arial",72,#PB_Font_HighQuality)

Procedure DisplayMessageCenter(window,msg.s,color=255,scale.f=1.00)
  
  Protected spriteNumber,tempImage,fontsTextWidth,fontsTextHeight,cx,cy
  
  tempImage = CreateImage(#PB_Any,1,1)    ;if you need to get the size of a font in pixels         
  
  If tempImage
    If StartDrawing(ImageOutput(tempImage)) ;draw to the temp image 
      DrawingFont(FontID(font))             ;with the selected font  
      fontsTextWidth = TextWidth(msg)       ;get the width and height in pixles     
      fontsTextHeight = TextHeight(msg)  
      StopDrawing()  
      spriteNumber = CreateSprite(#PB_Any,fontsTextWidth,fontsTextHeight) ;create the sprite of required size 
      If spriteNumber 
        If StartDrawing(SpriteOutput(spriteNumber))   ;now you can draw the text to the sprite 
          DrawingFont(FontID(font)) 
          DrawText(0,0,msg,color)
          StopDrawing()
          TransparentSpriteColor(spriteNumber,0)
          cx= (WindowWidth(window) - (fontsTextWidth*scale)) / 2   
          cy = (WindowHeight(window)- (fontsTextHeight*scale)) / 2        
          ZoomSprite(spriteNumber,fontsTextWidth*scale,fontsTextHeight*scale)  
          DisplayTransparentSprite(spriteNumber,cx,cy)
        EndIf   
        FreeSprite(spriteNumber)
      EndIf  
    EndIf  
    FreeImage(tempImage)      
  EndIf 
  
EndProcedure 
 
Global event,ct,sc,bput=-2

OpenWindow(0,0,0,800,600,"Putin de merde clock enter to escape",#PB_Window_ScreenCentered | #PB_Window_SystemMenu) 
OpenWindowedScreen(WindowID(0),0,0,800,600) 


Repeat
  Repeat 
    event=WindowEvent()
    If event=#PB_Event_CloseWindow
      End
    EndIf
  Until event=0
  
  ExamineKeyboard() 
  ExamineMouse() 
  
  
  If bput > 0   
    ClearScreen((ct%64)*2)
    DisplayMessageCenter(0,FormatDate("%hh:%ii:%ss", Date()-ct),RGB(0,192,0),0.025*sc)
    ct+1  
  Else 
    ClearScreen(0)
    DisplayMessageCenter(0,FormatDate("%hh:%ii:%ss", Date()),RGB(0,192,0))
    ct=0
  EndIf 
   
  sc+1 
  sc%60
  FlipBuffers()
  
  If KeyboardInkey()
    bput = 1
  EndIf  
  
Until KeyboardPushed(#PB_Key_Escape)     

you can use escape to end.
User avatar
ChrisR
Addict
Addict
Posts: 1127
Joined: Sun Jan 08, 2017 10:27 pm
Location: France

Re: DNScope.io

Post by ChrisR »

Hi idle,
I tried your last alpha version DNScope_0_7_1_a in portable mode.
At the 1st use, it asked me to accept the license then to add "DNS Firewall Smart Cache" to the Windows Defender Firewall then to restart my Windows 10 x64.
The dnscache service is disabled and stopped. As written in your readme, I uncheck IPv6 and disable secure DNS.
But, I must have probably missed something, I have nothing captured, displayed in DNScope.

With ipconfig /all, I have this:

Code: Select all

Carte réseau sans fil Wi-Fi :

   Suffixe DNS propre à la connexion. . . :
   Description. . . . . . . . . . . . . . : Intel(R) Wi-Fi 6 AX201 160MHz
   DHCP activé. . . . . . . . . . . . . . : Oui
   Configuration automatique activée. . . : Oui
   Adresse IPv4. . . . . . . . . . . . . .: 192.168.1.11(préféré)
   Masque de sous-réseau. . . . . . . . . : 255.255.255.0
   Bail obtenu. . . . . . . . . . . . . . : vendredi 30 septembre 2022 17:44:08
   Bail expirant. . . . . . . . . . . . . : samedi 1 octobre 2022 17:57:40
   Passerelle par défaut. . . . . . . . . : 192.168.1.1
   Serveur DHCP . . . . . . . . . . . . . : 192.168.1.1
   NetBIOS sur Tcpip. . . . . . . . . . . : Activé

Also, how I get back to my original config, cmd as Admin:

Code: Select all

sc config Dnscache start=auto
[SC] OpenService failure(s) 5 :

Access denied.
Edit: I restored it via the registry:
HKLM\SYSTEM\CurrentControlSet\Services\Dnscache,Start=3
User avatar
idle
Always Here
Always Here
Posts: 5039
Joined: Fri Sep 21, 2007 5:52 am
Location: New Zealand

Re: DNScope.io

Post by idle »

The restart is required to turn off the dnscache and to also turn it back on after the Uninstaller is run, which is accessed under the main menu.

At the bottom of the application in the status bar it should say dns on 127.0.0.1

The issue you found in the setup is from it looking for the active connection and it's failed because of the language difference. I'm halfway through doing it by api but currently it's just running shell commands the only thing that's different is the language to say which connection is active. I thought I'd get away with it as the field names are the same. I will rewrite it with api. And let you know thanks
Post Reply