We are still actively working on the spam issue.
DNSCrypt
Revision as of 22:42, 4 February 2014 by Toynbeeidea (talk | contribs)
DNSCrypt acts as a local DNS resolver and uses elliptic-curve cryptography when passing messages to and from the DNS server. This is extremely useful for mitigating MITM attacks on DNS. Only a few servers are known to currently support DNSCrypt, however, adoption is growing.
Note: if you install DNSCrypt, be sure to change the server it's using to something other than OpenDNS, as OpenDNS is known to hijack and block certain domains by default. Also be sure to change your DNS server address to that of the local resolver (usually 127.0.0.2 or 127.0.0.1).
Contents
Installation
Linux
From Source
# git clone git://github.com/jedisct1/dnscrypt-proxy.git # cd dnscrypt-proxy # ./autogen.sh # ./configure --prefix=/usr # make # sudo make install # sudo nano /etc/resolv.conf Remove all lines starting with "nameserver" and add "nameserver 127.0.0.1" and save the file. Pick a server from dnscrypt.org and take note of the Server address, Provider name, and Public key. # sudo dnscrypt-proxy --daemonize --resolver-address=<Server address> --provider-name=<Provider name> --provider-key=<Public key>