|
|
| Line 1: |
Line 1: |
| − | {{cleanup|Horrible formatting.}}
| + | #REDIRECT [[Anonymising Yourself#DNS]] |
| − | | |
| − | DNS (Domain Name System)
| |
| − | | |
| − | An often-used analogy to explain the Domain Name System is that it serves as the phone book for the Internet by translating human-friendly computer hostnames into IP addresses. For example, the domain name www.example.com translates to the addresses 93.184.216.119 (IPv4) and 2606:2800:220:6d:26bf:1447:1097:aa7 (IPv6). Unlike a phone book, the DNS can be quickly updated, allowing a service's location on the network to change without affecting the end users, who continue to use the same host name. Users take advantage of this when they use meaningful Uniform Resource Locators (URLs), and e-mail addresses without having to know how the computer actually locates the services.
| |
| − | | |
| − | Default ISP provided ones are usually shit, prone to being overloaded. In addition, it makes it easier to for your ISP to put a face to a IP address as your requests are traveling through them.
| |
| − | | |
| − | /tech/ recomend DNS
| |
| − | | |
| − | Local (Libre only)
| |
| − | Dnsmasq,Djbdns,gdnsd,Knot,MaraDNS,BIND, NSD,Pdnsd,Posadis,PowerDNS,Unbound,Domain Name Relay Daemon (dnrd),YADIFA
| |
| − | | |
| − | Remote
| |
| − | | |
| − | https://www.opennicproject.org/
| |
| − | | |
| − | http://www.orsn.org/en/tech/pubdns/
| |
| − | | |
| − | ns0.freeinfosociety.org
| |
| − | FR
| |
| − | 188.165.175.115
| |
| − | 2001:41d0:2:5a70::1
| |
| − | 99.51%
| |
| − | OK
| |
| − | | |
| − | ns01.ch.orsn.it-schwerin.de
| |
| − | CH
| |
| − | 178.209.50.232
| |
| − | 2a02:418:6a04:178:209:50:232:cafe
| |
| − | 98.92%
| |
| − | OK
| |
| − | | |
| − | orsn.dnscache.cyborg-connect.de
| |
| − | DE
| |
| − | 84.200.55.4
| |
| − | 2001:1608:10:167:366::5c87
| |
| − | 97.79%
| |
| − | OK
| |
| − | | |
| − | orsn-ns4.godau.eu
| |
| − | DE
| |
| − | 103.25.56.16
| |
| − | 2401:1400:1:1201:216:3cff:fe38:5f6b
| |
| − | 94.15%
| |
| − | OK
| |
| − | | |
| − | orsn-ns2.godau.eu
| |
| − | DE
| |
| − | 87.118.126.225
| |
| − | 2001:1b60:3:267:3436:21:0:1
| |
| − | 99.09%
| |
| − | OK
| |
| − | | |
| − | orsn-ns01.first-colo.de
| |
| − | DE
| |
| − | 212.224.71.71
| |
| − | 2a01:7e0::212:224:71:71
| |
| − | 99.69%
| |
| − | OK
| |
| − | | |
| − | orsn-ns02.first-colo.nl
| |
| − | NL
| |
| − | 79.133.62.62
| |
| − | --
| |
| − | 99.25%
| |
| − | OK
| |
| − | | |
| − | orsn-ns.godau.eu
| |
| − | DE
| |
| − | 109.230.224.42
| |
| − | 2a02:d40:3:1:ac11:71ff:feee:41b3
| |
| − | 98.71%
| |
| − | OK
| |
| − | | |
| − | orsn-ns3.godau.eu
| |
| − | AT
| |
| − | 158.255.212.115
| |
| − | 2a03:f80:ed15:158:255:212:115:1
| |
| − | 83.10%
| |
| − | OK
| |
| − | | |
| − | ns1.freeinfosociety.org
| |
| − | FR
| |
| − | 37.187.23.23
| |
| − | 2001:41d0:a:1717::1
| |
| − | 99.30%
| |
| − | OK
| |
| − | | |
| − | ns2.freeinfosociety.org
| |
| − | FR
| |
| − | 37.187.99.178
| |
| − | 2001:41d0:a:23b2::1
| |
| − | | |
| − | Swiss Privacy Foundation DNS http://www.privacyfoundation.ch/de/service/server.html#dns-server
| |
| − | 77.109.138.45
| |
| − | 77.109.139.29
| |
| − | | |
| − | Censurfridns Denmark http://blog.censurfridns.dk/
| |
| − | 91.239.100.100
| |
| − | 89.233.43.71
| |
| − | | |
| − | freedns http://freedns.zone/de/
| |
| − | 37.235.1.174
| |
| − | 37.235.1.177
| |
| − | | |
| − | Digitalcourage e.V. https://digitalcourage.de/support/zensurfreier-dns-server
| |
| − | 85.214.20.141
| |
| − | | |
| − | Chaos Computer Club https://www.ccc.de/de/censorship/dns-howto
| |
| − | 213.73.91.35
| |
| − | | |
| − | Alternative's to ICANN.
| |
| − | http://www.orsn.org/en/tech/
| |
| − | | |
| − | Implementing ORSN locally.
| |
| − | For BIND, this would mean just replacing roots.hint
| |
| − | http://www.orsn.org/roothint/root-hint.txt
| |
| − | | |
| − | DNS encryption
| |
| − | | |
| − | DNScrypt
| |
| − | | |
| − | Comparsion of DNScrypt and regular DNS
| |
| − | | |
| − | With a regular DNS query, the DNS server is aware of your request (duh, how else would they serve it?). Any observer between you and the DNS server can see the request because it is unencrypted.
| |
| − | | |
| − | With a DNS query through dnscrypt, the DNS server is aware of your request (duh, how else would they serve it?). Observers between you and the server cannot see the request, only that some encrypted traffic is being transmitted.
| |
| − | | |
| − | One Anon's setup
| |
| − | I use dnscrypt-proxy with the following server
| |
| − | | |
| − | https://dnscrypt.pl/
| |
| − | | |
| − | Then pass that to unbound.
| |
| − | | |
| − | https://unbound.net/
| |
| − | | |
| − | "I'd recommend the Polish DNScrypt server over the OpenDNS dnscurve/dnscrypt servers. For several reasons that should be obvious,
| |
| − | | |
| − | Latency is not a big issue from North America to Poland, at least from my experience. Consider that it passes on to Unbound which can cache, that alleviates much of the issue."
| |
| − | | |
| − | /tech/ suggested DNS to avoid.
| |
| − | | |
| − | The case against OpenDNS
| |
| − | | |
| − | ">"When you use our Services, OpenDNS stores certain DNS, IP address and related information about you to improve the quality of our Service, to provide you with Services and for internal business and analysis purposes. For example, OpenDNS runs a Domain Name System (DNS) service. DNS translates a domain name (e.g., http://www.example.com) into the corresponding numerical address (e.g., 192.0.34.166) that allows your system to access the domain over the network."
| |
| − | | |
| − | | |
| − | | |
| − | | |
| − | Google DNS
| |
| − | This should obvious. ^:)
| |
| − | | |
| − | Sources:
| |
| − | https://archive.is/rXAUn >> My ISP's DNS is shit. What are some DNS servers that respect muh freedom/privacy. Currently using Google's because I don't know any other ones. >> http://8ch.net/tech/res/383193.html
| |
| − | https://archive.is/zHqRd >> DNS servers >> http://8ch.net/tech/res/377832.html
| |
| − | https://archive.is/eRCyA >> https://anonymous-proxy-servers.net/wiki/index.php/Censorship-free_DNS_servers
| |
| − | https://archive.is/xrv1f >> https://en.wikipedia.org/wiki/Domain_Name_System
| |
| − | https://archive.is/Y4R2H >> https://en.wikipedia.org/wiki/Comparison_of_DNS_server_software
| |
