securitybreach Posted September 9, 2018 Share Posted September 9, 2018 DNS Privacy With Stubby (Part 1 GNU/Linux) Installing and configuring an encrypted dns server is straightforward, there is no reason to use an unencrypted dns service. DNS is not secure or private DNS traffic is insecure and runs over UDP port 53 (TCP for zone transfers ) unecrypted by default. This make your encrypted DNS traffic a privacy risk and a security risk: anyone that is able to sniff your network traffic can collect a lot information from your leaking DNS traffic. with a DNS spoofing attack an attacker can trick you let go to malicious website or try to intercept your email traffic. Encrypt your dns traffic Encrypting your network traffic is always a good idea for privacy and security reasons - we encrypt, because we can! - . More information about dns privacy can be found at https://dnsprivacy.org/ On this site you’ll find also the DNS Privacy Daemon - Stubby that let’s you send your DNS request over TLS to an alternative DNS provider. You should use a DNS provider that you trust and has a no logging policy. quad9, cloudflare and google dns are well-known alternative dns providers. At https://dnsprivacy.o...cy Test Servers you can find a few other options. You’ll find my journey to setup Stubby on a few operation systems I use (or I’m force to use) below … https://stafwag.gith...part1-gnulinux/ He explains how to set it up on Archlinux, Debian and the manual way on other distros. 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 9, 2018 Share Posted September 9, 2018 Good stuff! I use OpenDNS, but I don't worry about their logs because the only request made through that DNS is my initial login to my VPN. Once that connection is made, ALL is encrypted. Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 9, 2018 Author Share Posted September 9, 2018 Good stuff! I use OpenDNS, but I don't worry about their logs because the only request made through that DNS is my initial login to my VPN. Once that connection is made, ALL is encrypted. Same here except I use https://www.opennic.org/ 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.