Ubuntu – How to check if DNS is encrypted

dnsdnscrypt-proxyencryption

I have installed DNSCrypt , its OpenDNS encrypted DNS patch for Ubuntu & other Linux users & it's working fine.

How do I know if my DNS is encrypted?
I have googled but didn't find anything.

Status

one@onezero:~$ status dnscrypt 
dnscrypt start/running, process 1013
one@onezero:~$ sudo netstat -atnlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.2:53            0.0.0.0:*               LISTEN      1013/dnscrypt-proxy

Updated

Wireshark

@Alvar

enter image description here

without DNSCrypt

enter image description here

Best Answer

You could check it with Wireshark by listening to your network card, just follow these steps:

sudo apt-get install wireshark (paste it into a terminal)
start it from a terminal with sudo wireshark (you need to be sudo to be able to listen to your network card.)
then start listening and filter out everything but your own ip.

Now just check if the dns protocols are encrypted.

use the filter to only show dns
Stop the scan.
click on a list item that says dns and comes from your ip.
Now click on the transmission protocol to see if it's encrypted.

Related Solutions

Ubuntu – How to monitor/check outgoing DNS lookup connections

You must turn on bind / named logging:

$ sudo apt-get install bind9utils
$ rndc querylog

Then, you can see the log the service in the system log:

$ tail -f /var/log/messages

Once finished, you can turn off logging again:

$ rndc querylog

Ubuntu – dnscrypt-proxy – check what resolver I am using

The best way to check which resolver you are actually using is to visit this website.

https://dnsleaktest.com/

Further explanations are in a webupd8.com article :

Encrypt DNS Traffic In Ubuntu With DNSCrypt [Ubuntu PPA]