DNSCrypt
Encrypt DNS Traffic In Linux With DNSCrypt (Via OpenDNS) ~ Web Upd8: Ubuntu / Linux blog : http://www.webupd8.org/2012/02/encry...inux-with.html
Start DNSCrypt at boot. Quote:
You can download the actual package from the OpenDNS blog. OpenDNS Community > Blog > Tales from the DNSCrypt: Linux Rising : http://blog.opendns.com/2012/02/16/t...-linux-rising/ |
Thanks for posting this, I've bookmarked the article and will give it a go tomorrow sometime.
|
Really surprised more people haven't commented on this.
For me at least it is just one more step in being safe, secure, and more or less anonymous. dnscrypt+tor+HTTPS Everywhere(SSL) Added the info about DNSCrypt to my blog post: Security and Privacy on the Internet - LinuxQuestions.org : http://www.linuxquestions.org/questi...internet-3080/ |
Working for me here.
Had to use the .deb file you linked to. The only other thing I had to do was re-start my router. Thanks craigevil. |
Post in antiX forum that goes into way more detail on how to use DNDCrypt with the unbound dns cache.
antiX-forum - View topic - Secure DNS with DNScrypt - http://antix.freeforums.org/post23679.html#p23679 |
Seems I may have spoken too soon.Lost dns resolution with dns crypt.
I could ping on ip address,just not on a url. Removed the dns crypt .deb and re-configured my router accordingly. Not reliable enough for me. |
Quote:
Code:
cat /etc/resolv.conf Code:
$ dig @127.0.0.1 www.yahoo.com |
Why DNSCRYPT?
Ok, so you can encrypt your DNS queries all the way to OpenDNS who then decrypts all your requests and can log all of your queries by IP address with a nice date and time stamp. Hmmm don't want to provide this information to OpenDNS or your ISP? Run a full recursion DNS server. Now only the sites you connect to will get the information about when you connected to them, however someone intercepting the traffic between you and your ISP would still be able to tell where you are going... well without the DNS information they could still look at all the other traffic and see where it is going (destination IP). So what exactly are we getting by encrypting our DNS traffic?
Don't get me wrong this is great and I am sure this will find some great applications that I just haven't thought of yet but so far I haven't thought of them. ;) |
All times are GMT -5. The time now is 08:39 PM. |