Alerts you if your DNS traffic is being intercepted, cached, or poisoned by a third party

Test_DNS_Poison.sh

#!/bin/bash

# a big thank you to dnsparanoia.com for providing these services
# this script allows a simple user to test if their DNS requests are being modified without technical knowledge
# I will be providing links that explain on the dnsp website what each test does

# https://dnsparanoia.com/debug_dns_that_should_fail.php
host fail.dnsp.co > /dev/null 2>&1;
if [ $? -eq 0 ]; then
    echo -e "\033[31;40m[ALERT] Potential of DNS Request Interception\033[0m";
fi

# https://dnsparanoia.com/debug_dns_with_resolver.php
host www.example.org dnsp.co | grep "has address 123.45.67.89" > /dev/null 2>&1;
if [ $? -ne 0 ]; then
    echo -e "\033[31;40m[ALERT] Possible Transparent Proxy Detected\033[0m";
fi

host 10.20.30.40.spec.dnsp.co | grep "has address 10.20.30.40" > /dev/null 2>&1;
if [ $? -ne 0 ]; then
    echo -e "\033[31;40m[ALERT] Possible DNS Interception Detected\033[0m";
fi

# https://dnsparanoia.com/debug_dns_with_random_response.php
diff <(host random.dnsp.co) <(host random.dnsp.co)
if [ $? -ne 0 ]; then
    echo -e "\033[31;40m[ALERT] Possible DNS Caching\033[0m";
fi

# https://dnsparanoia.com/debug_dns_with_random_cname.php
diff <(host rndname.dnsp.co) <(host rndname.dnsp.co)
if [ $? -ne 0 ]; then
    echo -e "\033[31;40m[ALERT] Possible DNS CNAME Caching\033[0m";
fi

# wget should enforce signed SSL certificates. In theory, this test will only fail if your ssl certs are being intercepted and signed by a third party
# another possability is that your system / wget is incorrectly configured to accept self signed certificates
curl https://www.whatismyproxy.com:8080 > /dev/null 2>&1;
if [ $? -eq 0 ]; then
    echo -e "\033[31;40m[ALERT] Client is accepting self signed SSL certificates\033[0m";
fi