Does Cash DNS give some advantages in safety?
On 2022-04-08 08:06, Thoughts wrote:
> Note that any dns caching software would help, unbound is just one
> popular one. dnsmasq is another. In fact, if you wanted to, you
> could use the full bind package and configure it for caching and
>
DNS Caching (not Cash) simple does a normal lookup for an DNS domain
requested and remembers it for some period of time so that it can answer
from its cache of known addresses in microseconds (instead of the
hundreds of milliseconds it might take to inquire over the internet) the
next time
Note that any dns caching software would help, unbound is just one
popular one. dnsmasq is another. In fact, if you wanted to, you could
use the full bind package and configure it for caching and forwarding,
although that would be a bit of overkill. Once you install caching
software, make
>From my point of view, it's mostly about reliability. You can use the hoster's
>DNS resolver, but be aware that a high-bandwidth exit asks a lot of DNS
>requests. Not every hoster's DNS resolver might be able to cope with it and as
>a result your exit might give users a poor experience.
Best
I was setting up exit nodes and I had a question. Why is it recommended
to use DNS caching software Unbound? What benefits does it provide
compared to using hoster's DNS resolver?
___
tor-relays mailing list
tor-relays@lists.torproject.org
On Wed, 23 Jan 2019 11:23:50 +0100
dns1...@riseup.net wrote:
> Of course. But, as far as I know, you can host multiple domains to
> the same ip. So, in such case, if you only know the ip you can't tell
> what domain I visit.
>
If your adversary is able to catch your packets, then he's able to
Ok, i understood. So, for my purposes it's not useful to change dns servers.
I'll continue to use my ISP DNS servers or those of my virtual server provider.
Thanks
Il 23 gennaio 2019 15:54:34 CET, Dmitrii Tcvetkov ha
scritto:
>On Wed, 23 Jan 2019 11:23:50 +0100
>dns1...@riseup.net wrote:
>
>>
Of course. But, as far as I know, you can host multiple domains to the
same ip. So, in such case, if you only know the ip you can't tell what
domain I visit.
It's just that I don't understand why the public dns providers claim to
improve privacy.
Il 23/01/19 09:01, Rose ha scritto:
adversaries can already see what IP addresses you are connecting to,
even though they can't see your DNS queries, they can easily just do a
reverse DNS on the IP addresses you connect to, to find out what you
were doing.
On 23/01/19 2:32 PM, dns1...@riseup.net wrote:
> In the threat model that I
In the threat model that I worry about, DNS are part of the problem. If
a malicious entity can put together DNS data with other big data, It can
increases its power and becomes a more dangerous threat.
But as I said, I lack many networking notions.
Anyway I find very satisfying the solutions
This is what I do:
My tor exit node runs on its own, but I have a full caching bind
server on a different VM. This services some domains I run, with ACLs
to do regular DNS.
I use the following DNS servers:
2606:4700:4700:: -- Cloudflare
2001:1608:10:25::1c04:b12f -- https://dns.watch/
Ah, I didn't know It, obviously ;).
Thanks
Il 22 gennaio 2019 10:29:39 CET, Rose ha scritto:
>*the option should go in your torrc
>
>On 22/01/19 5:26 PM, Rose wrote:
>> If you run Tor on your devices in your home network, you can use the
>> option 'DNSPort ', so for example, if you did
*the option should go in your torrc
On 22/01/19 5:26 PM, Rose wrote:
> If you run Tor on your devices in your home network, you can use the
> option 'DNSPort ', so for example, if you did 'DNSPort 53'
> (default port for DNS), and set your DNS to 127.0.0.1, you can make it
> so all your DNS
If you run Tor on your devices in your home network, you can use the
option 'DNSPort ', so for example, if you did 'DNSPort 53'
(default port for DNS), and set your DNS to 127.0.0.1, you can make it
so all your DNS queries go over Tor anonymously.
On 22/01/19 5:13 PM, dns1...@riseup.net wrote:
>
OK. I think that I'll buy a new virtual server in an anonymously way, set my
DNS server and than use that server for my exit relays and my devices too. I
have just to think how to anonymize queries from my home network.
Thanks
Il 22 gennaio 2019 10:05:41 CET, Rose ha scritto:
>The best
The best option for DNS is doing DNS resolution yourself, the Tor relay
guide wiki talks about how to do this on common Linux distros and FreeBSD
https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#DNSonExitRelays
On 22/01/19 4:43 PM, dns1...@riseup.net wrote:
> Hello,
>
> i'm a
Hello,
i'm a student, so I lack many networking notions.
Which are the most privacy reliable public dns servers? I don't exactly know
how choose a third part DNS server. I read that cloudfare servers are audited
by third parties but I'm not sure that I can trust. do you think that audition
17 matches
Mail list logo
