Advice Request Firefox leaking DNS


porkpiehat

OK, I have Cloudflare set up in my Network settings, have DoH selected in Firefox settings, and everything is hunky dory with the Cloudflare ESNI test page... Now, when I test my DNS with Bash.ws, it shows the Cloudflare servers and my ISP servers... I have run this test with my other browsers, which are set up with similar configs, namely Edge and Opera, without such problems. I can only assume that the problem is with Firefox... Any thoughts?
 

Cleo

Do a check for me please if you use uBO. Open uBlock Origin’s settings, enable the option “I am an advanced user” then click on the wheels icon to open its advanced settings. Find the parameter called cnameUncloak, set it to false and apply the settings to take effect.
Re-test for leak.
 

SpiderWeb

Yes, ESNI seems to only work for certain traffic at certain ports. I noticed that too in NextDNS analytics. It seems loading/querying a site is done with ESNI. But once you are on the site and it is streaming/updating content, that traffic is sent without ESNI or DoH.

Try going into about:config and set "network.trr.mode" to 3.

Also set "network.trr.bootstrapAddress" to the IP address of your DoH resolver if you can find that address. If not, try to find it through here.

Set "media.peerconnection.enabled" to false to disable WebRTC leaks.
 
Solution
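
Added example, not part of the original posts and not Firefox's own code: a small Python check that parses the text of a profile's prefs.js and flags the three preferences named in the answer above. The sample pref files and the 192.0.2.53 address are constructed placeholders; the function names are hypothetical.

```python
import re

# One user_pref("name", value); line as written in prefs.js / user.js.
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$')

def parse_prefs(text):
    """Return {name: value}; values become bool, int or str."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments and blank lines
        name, raw = m.group(1), m.group(2).strip()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
        else:
            prefs[name] = raw.strip('"')
    return prefs

def audit(prefs):
    """Return (pref, reason) pairs for settings that can leak lookups or addresses."""
    findings = []
    mode = prefs.get("network.trr.mode", 0)  # unset is treated here as 0 (off)
    if mode == 2:
        findings.append(("network.trr.mode",
                         "2 = DoH first, falls back to the system (ISP) resolver"))
    elif mode != 3:
        findings.append(("network.trr.mode", f"{mode} = not DoH-only"))
    elif not prefs.get("network.trr.bootstrapAddress"):
        findings.append(("network.trr.bootstrapAddress",
                         "unset: no fixed IP for the DoH resolver's hostname"))
    if prefs.get("media.peerconnection.enabled", True):  # WebRTC is on by default
        findings.append(("media.peerconnection.enabled", "WebRTC enabled"))
    return findings

# Constructed sample inputs (192.0.2.53 is a documentation placeholder address).
SAMPLE_FALLBACK = 'user_pref("network.trr.mode", 2);\n'
SAMPLE_STRICT = (
    '// constructed example\n'
    'user_pref("network.trr.mode", 3);\n'
    'user_pref("network.trr.bootstrapAddress", "192.0.2.53");\n'
    'user_pref("media.peerconnection.enabled", false);\n'
)

if __name__ == "__main__":
    for label, text in (("fallback", SAMPLE_FALLBACK), ("strict", SAMPLE_STRICT)):
        print(label, audit(parse_prefs(text)))
```

To check a real profile, pass the contents of the prefs.js file from the profile folder listed on about:support to `parse_prefs`.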

porkpiehat

Do a check for me please if you use uBO. Open uBlock Origin’s settings, enable the option “I am an advanced user” then click on the wheels icon to open its advanced settings. Find the parameter called cnameUncloak, set it to false and apply the settings to take effect.
Re-test for leak.
I don't use uBO... but I also did the test in 'safe' mode with addons disabled...
 
