We are still actively working on the spam issue.

DNS

From InstallGentoo Wiki
Revision as of 03:51, 2 October 2015 by Ghost (talk | contribs) (Page on DNS)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

DNS (Domain Name System)

This is a server that translates IP requests from deciminal to binary and back.

Default ISP provided ones are usually shit, prone to being overloaded. In addition, it makes it easier to for your ISP to put a face to a IP address as your requests are traveling through them.

/tech/ recomend DNS

Local BIND, UNbound.

Remote

https://www.opennicproject.org/

http://www.orsn.org/en/tech/pubdns/

ns0.freeinfosociety.org FR 188.165.175.115 2001:41d0:2:5a70::1 99.51% OK

ns01.ch.orsn.it-schwerin.de CH 178.209.50.232 2a02:418:6a04:178:209:50:232:cafe 98.92% OK

orsn.dnscache.cyborg-connect.de DE 84.200.55.4 2001:1608:10:167:366::5c87 97.79% OK

orsn-ns4.godau.eu DE 103.25.56.16 2401:1400:1:1201:216:3cff:fe38:5f6b 94.15% OK

orsn-ns2.godau.eu DE 87.118.126.225 2001:1b60:3:267:3436:21:0:1 99.09% OK

orsn-ns01.first-colo.de DE 212.224.71.71 2a01:7e0::212:224:71:71 99.69% OK

orsn-ns02.first-colo.nl NL 79.133.62.62 -- 99.25% OK

orsn-ns.godau.eu DE 109.230.224.42 2a02:d40:3:1:ac11:71ff:feee:41b3 98.71% OK

orsn-ns3.godau.eu AT 158.255.212.115 2a03:f80:ed15:158:255:212:115:1 83.10% OK

ns1.freeinfosociety.org FR 37.187.23.23 2001:41d0:a:1717::1 99.30% OK

ns2.freeinfosociety.org FR 37.187.99.178 2001:41d0:a:23b2::1

Swiss Privacy Foundation DNS http://www.privacyfoundation.ch/de/service/server.html#dns-server

   77.109.138.45
   77.109.139.29 

Censurfridns Denmark http://blog.censurfridns.dk/

   91.239.100.100
   89.233.43.71 

freedns http://freedns.zone/de/

   37.235.1.174
   37.235.1.177 

Digitalcourage e.V. https://digitalcourage.de/support/zensurfreier-dns-server 85.214.20.141

Chaos Computer Club https://www.ccc.de/de/censorship/dns-howto 213.73.91.35

Alternative's to ICANN. http://www.orsn.org/en/tech/

Implementing ORSN locally. For BIND, this would mean just replacing roots.hint http://www.orsn.org/roothint/root-hint.txt

DNS encryption

DNScrypt

Comparsion of DNScrypt and regular DNS

With a regular DNS query, the DNS server is aware of your request (duh, how else would they serve it?). Any observer between you and the DNS server can see the request because it is unencrypted.

With a DNS query through dnscrypt, the DNS server is aware of your request (duh, how else would they serve it?). Observers between you and the server cannot see the request, only that some encrypted traffic is being transmitted.

One Anon's setup I use dnscrypt-proxy with the following server

https://dnscrypt.pl/

Then pass that to unbound.

https://unbound.net/

"I'd recommend the Polish DNScrypt server over the OpenDNS dnscurve/dnscrypt servers. For several reasons that should be obvious,

Latency is not a big issue from North America to Poland, at least from my experience. Consider that it passes on to Unbound which can cache, that alleviates much of the issue."

/tech/ suggested DNS to avoid.

The case against OpenDNS

">"When you use our Services, OpenDNS stores certain DNS, IP address and related information about you to improve the quality of our Service, to provide you with Services and for internal business and analysis purposes. For example, OpenDNS runs a Domain Name System (DNS) service. DNS translates a domain name (e.g., http://www.example.com) into the corresponding numerical address (e.g., 192.0.34.166) that allows your system to access the domain over the network."

https://archive.is/rXAUn >> My ISP's DNS is shit. What are some DNS servers that respect muh freedom/privacy. Currently using Google's because I don't know any other ones. >> http://8ch.net/tech/res/383193.html


Google DNS This should obvious. ^:)

Source:

https://archive.is/zHqRd >> DNS servers >> http://8ch.net/tech/res/377832.html