DNS clarity in Parrot OS 4.8 Home (MATE)

Hi, I’m running Parrot 4.8 Home (MATE) from USB with encrypted persistent storage.

I’m just wondering if I can have a bit of clarity on how DNS is set up? I’m struggling to work it out between resolvconf, networkmanager, and dnsmasq. I can see that dnsmasq is configured to use a set list of DNS Servers, but I presume that in order to use it, I would need to be getting my DNS from 127.0.0.1:53?

The trouble is I’m struggling to over-ride anything. I’m mainly using it from my own home and would like to not use my ISP’s DNS servers at all. How can I prevent this? Is there a config file somewhere where I can hardcode a static list of DNS Servers to be used by all connections? Can I have it permanently using dnsmasq if it isn’t already?

Ok, looks like the solution to not picking up the ISPs dns servers was simple. I just changed ‘dhcp’ to ‘dhcp (addresses only)’ in network manager and manually added a dns server into the box beneath. After doing so, resolv.conf contained nothing but that ip addres.

Where does dnsmasq fit in? Is it only used with the force opennic dns option in the menu? The reason I ask is that the dnsmasq config is populated with the opennic servers. When this starts, does it override all other dns settings on the system?

You can read more about dnsmasq here (Parrot is based off Debian):
https://wiki.debian.org/dnsmasq

If your goal is avoiding ISP dns, Opennic is good for this via NetworkManager, Anonsurf, /etc/resolv.conf file.

If you want to try DNS over https (encrypted DNS resolves) you can enable it in firefox for browsing purposes.

:slight_smile:

I’ve just done a full parrot-upgrade and now it seems that the behaviour has changed slightly. Any DNS settings I now add via network-manager are completely ignored and the resolv.conf file appears static and is not being updated apart from changing to 127.0.0.1 when anonsurf is started. Is this normal? If so, I can live with it.

Regarding anonsurf and DNS though, I’ve just started it and checked the DNSLeak website, and it’s showing my DNS as:

172.253.210.78 None Google United States
172.253.214.3 None Google United States
172.253.214.5 None Google United States
172.253.214.6 None Google United States
172.253.9.2 None Google United States
173.194.168.195 None Google United States

Just wanted to check that this is the correct behaviour

Also just noticed that resolv.conf isn’t always putting the original resolv.conf back in place when anonsurf is stopped. It’s staying as 127.0.0.1 and internet connectivity is therefore lost. I’ve added it to the 4.8 bug report thread.

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.