)

There are many implementations of DNSCrypt, which have been listed on

For this lab, you are free to install any implementation on your physical or virtual workstation.

Alternatively, you can follow the YogaDNS installation steps that are given on this page. You will need a Windows 7, 8, or 10 to complete this lab.

Instructions:

Take the screenshots of steps 5, 8, and 11.

1) YogaDNS does not harm your computer. It is a tiny software, and its installation and uninstallation are quite straightforward. You can install it on your Windows workstation and continue to use it for better DNS security. If you don’t want to install it on your physical Windows workstation or you don’t have a Windows workstation:

a. Download and Install VirtualBox

b. Download and configure the Windows 10 virtual image:

2) Download and install Wireshark to your Windows computer

3) Start traffic capturing by using Wireshark

4) Enter this filter to Wireshark: udp.dstport == 53

5) Open Edge Browser: Visit any website you want and observe cleartext DNS queries on port 53

6) Download and install YogaDNS to your Windows computer

7) Run YogaDNS

8) Click Configuration > DNS Servers > Edit on YogaDNS

9) See the IP address of the DNS server, which is 8.8.8.8 (DNSCrypt resolver)

10) Visit any website other than you typed in Step-5 and observe that there is no DNS UDP port 53 traffic (Previous queries care cached by the operating system)

11) Remove the previous filter to enter this into Wireshark: ip.addr == 8.8.8.8 and see the TLS packages. Visit other websites and see new TLS packages.

12) Right-click any TLS or TCP traffic in Wireshark and click Follow > TCP Stream. See that the DNS traffic is encrypted.