DNS queries to hardcoded addresses ( bypassing OS configuration)
Answered
The application is sending DNS "A" record queries for "jetbrains.com" and "www.jetbrains.com", bypassing the OS configured DNS servers.
The queries are sent to the following DNS servers:
1.0.0.1
1.1.1.1
8.8.4.4
8.8.8.8
9.9.9.10
117.50.10.10
117.50.20.20
149.112.112.10
223.5.5.5
223.6.6.6
How can this be disabled or force it to use the OS configuration?
Please sign in to leave a comment.
You cannot disable it.
There is an option, however. If OS configured DNS servers answer the request, there will be no queries to public dns servers.
This will effectively "disable" such queries.
Well, that's not great.
This can be considered an unintended information leakage, even more concerning that it's sending queries to multiple DNS servers in China. (117.50.10.10
117.50.20.20, 223.5.5.5, 223.6.6.6)
What is the justification behind not being able to disable its? Why is using OS configured DNS not sufficient?
> Why is using OS configured DNS not sufficient?
If OS configured DNS servers answer the request, there will be no queries to public dns servers.
There should be an option to disable these public DNS queries. This is a cause of concerns when you have many machines making these unnecessary calls.
This won't happen if you are not blocking JetBrains hosts via DNS.
This is very annoying as it's triggering our network's firewall all the time, I concur with Hussein, there should be an option to disable those queries, it should be up to the user to choose what DNS to use, and up to the network's administrator to choose whether JetBrains hosts should be blocked or not.