Does Cash DNS give some advantages in safety?
On 2022-04-08 08:06, Thoughts wrote:
> Note that any dns caching software would help, unbound is just one
> popular one. dnsmasq is another. In fact, if you wanted to, you
> could use the full bind package and configure it for caching and
> forwarding
DNS Caching (not Cash) simple does a normal lookup for an DNS domain
requested and remembers it for some period of time so that it can answer
from its cache of known addresses in microseconds (instead of the
hundreds of milliseconds it might take to inquire over the internet) the
next time that
Note that any dns caching software would help, unbound is just one
popular one. dnsmasq is another. In fact, if you wanted to, you could
use the full bind package and configure it for caching and forwarding,
although that would be a bit of overkill. Once you install caching
software, make su
>From my point of view, it's mostly about reliability. You can use the hoster's
>DNS resolver, but be aware that a high-bandwidth exit asks a lot of DNS
>requests. Not every hoster's DNS resolver might be able to cope with it and as
>a result your exit might give users a poor experience.
Best R
On Wed, 23 Jan 2019 11:23:50 +0100
dns1...@riseup.net wrote:
> Of course. But, as far as I know, you can host multiple domains to
> the same ip. So, in such case, if you only know the ip you can't tell
> what domain I visit.
>
If your adversary is able to catch your packets, then he's able to se
Ok, i understood. So, for my purposes it's not useful to change dns servers.
I'll continue to use my ISP DNS servers or those of my virtual server provider.
Thanks
Il 23 gennaio 2019 15:54:34 CET, Dmitrii Tcvetkov ha
scritto:
>On Wed, 23 Jan 2019 11:23:50 +0100
>dns1...@riseup.net wrote:
>
>>
Of course. But, as far as I know, you can host multiple domains to the
same ip. So, in such case, if you only know the ip you can't tell what
domain I visit.
It's just that I don't understand why the public dns providers claim to
improve privacy.
Il 23/01/19 09:01, Rose ha scritto:
adversar
adversaries can already see what IP addresses you are connecting to,
even though they can't see your DNS queries, they can easily just do a
reverse DNS on the IP addresses you connect to, to find out what you
were doing.
On 23/01/19 2:32 PM, dns1...@riseup.net wrote:
> In the threat model that I w
In the threat model that I worry about, DNS are part of the problem. If
a malicious entity can put together DNS data with other big data, It can
increases its power and becomes a more dangerous threat.
But as I said, I lack many networking notions.
Anyway I find very satisfying the solutions y
This is what I do:
My tor exit node runs on its own, but I have a full caching bind
server on a different VM. This services some domains I run, with ACLs
to do regular DNS.
I use the following DNS servers:
2606:4700:4700:: -- Cloudflare
2001:1608:10:25::1c04:b12f -- https://dns.watch/
2600::
Ah, I didn't know It, obviously ;).
Thanks
Il 22 gennaio 2019 10:29:39 CET, Rose ha scritto:
>*the option should go in your torrc
>
>On 22/01/19 5:26 PM, Rose wrote:
>> If you run Tor on your devices in your home network, you can use the
>> option 'DNSPort ', so for example, if you did 'DNSPor
*the option should go in your torrc
On 22/01/19 5:26 PM, Rose wrote:
> If you run Tor on your devices in your home network, you can use the
> option 'DNSPort ', so for example, if you did 'DNSPort 53'
> (default port for DNS), and set your DNS to 127.0.0.1, you can make it
> so all your DNS querie
If you run Tor on your devices in your home network, you can use the
option 'DNSPort ', so for example, if you did 'DNSPort 53'
(default port for DNS), and set your DNS to 127.0.0.1, you can make it
so all your DNS queries go over Tor anonymously.
On 22/01/19 5:13 PM, dns1...@riseup.net wrote:
> O
OK. I think that I'll buy a new virtual server in an anonymously way, set my
DNS server and than use that server for my exit relays and my devices too. I
have just to think how to anonymize queries from my home network.
Thanks
Il 22 gennaio 2019 10:05:41 CET, Rose ha scritto:
>The best opti
The best option for DNS is doing DNS resolution yourself, the Tor relay
guide wiki talks about how to do this on common Linux distros and FreeBSD
https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#DNSonExitRelays
On 22/01/19 4:43 PM, dns1...@riseup.net wrote:
> Hello,
>
> i'm a student,
15 matches
Mail list logo
