DNS thread

Easton Peterson
Easton Peterson

G'day Zig Forums, recently I've been searching for good DNS providers and would like to gather some opinions on which on to chose. Currently I'm torn between open-DNS and Cloudflare-DNS but I'd appreciate alternate options.

Attached: Screenshot-from-2019-04-13-14-09-12.png (4.42 KB, 118x45)

Other urls found in this thread:

servers.opennic.org/
github.com/opennic/ldapServerEditor
digitalcourage.de/support/zensurfreier-dns-server
dismail.de/info.html#dns
blog.uncensoreddns.org/dns-servers/
securedns.eu/
dnscrypt.info/protocol/
de.wikipedia.org/wiki/DNS_over_TLS

Mason Edwards
Mason Edwards

OpenDNS is Cisco Jewery (since it was bought out, at least). Cuckflare? Are you serious. Just use OpenNIC.

Justin Jackson
Justin Jackson

cloudflare
Not even as a shitpost.
Also, this is your daily reminder that DNS is a completely superfluous thing that has no technical right to be so deeply entrenched in the system. Remember to put your most commonly used sites in your hostfile.

Evan Anderson
Evan Anderson

Don't use cuckflare dns.
Opendns is fine but i personally would recommend opennic

Noah Young
Noah Young

Just download a hosts file and be your own DNS.

Easton Jones
Easton Jones

But how will I get all these JS libraries from CDNs?

Blake Wilson
Blake Wilson

opennicproject but their website turned to shit a few years ago.

Ethan Richardson
Ethan Richardson

i just use whatever comes from dhcp. too lazy to care and i want to die anyway so its only good if the cops come and shoot me.

Levi Bell
Levi Bell

run unbound as an upstream to pihole

Jose Wilson
Jose Wilson

Unbound.
kikeflare
Yeah if you want to make sure the glows in the dark always know which sites you access.

Evan Ramirez
Evan Ramirez

cloudflare dns
Haha yes let's give cloudlflare even more of a stranglehold on the internet.
This, grab yourself a no-log server and use dnscrypt. I've used dnsmasq's built-in dnscrypt support, but it seems that for dnscryptv2 you should run dnsmasq->dnscrypt-proxy->opennic server

servers.opennic.org/

Camden Hall
Camden Hall

I've used dns.watch for a while and it seems fairly solid.

Brayden Sullivan
Brayden Sullivan

Use Tor for sensitive stuff, mate. The remaining clear stuff will make you look normal to the glowing eyes.

Jaxon Rivera
Jaxon Rivera

opennic
now some totally trustworthy stranger has your dns records instead of some corp
Neither is good but you gotta pick one. At least cuckflare is fast

Attached: 123713465273.png (253.92 KB, 2396x1616)

Christopher Butler
Christopher Butler

I've been using OpenNIC for years with no issues. It's community-based so you gotta trust in some random guy online to keep his server online and keeping his promise to not log activity, but other than that it's been great.

In theory you could use GNUnet's GNS as an alternative to regular DNS, but I don't think there are tutorials for it.

Attached: 1551781434202.jpg (157.45 KB, 1080x1204)

Sebastian Young
Sebastian Young

OpenNIC has had a number of severe security flaws which remained unpatched for years, and other issues which remain unaddressed. There's not much in the way of active development toward improving their systems. If someone cared to disrupt OpenNIC, it wouldn't take much.

Tyler Evans
Tyler Evans

Only if you are trying to advertise what you are doing and get correlated.

Sebastian Walker
Sebastian Walker

OpenNIC has had a number of severe security flaws
I think you're confusing it with something else.
Google yields no results and to me it's just a website that tells me how to set things up.

Nathan Turner
Nathan Turner

No, I know quite well there are many issues because I'm the one who discovered them.

Luke Barnes
Luke Barnes

You don't know what opennicproject is and never discovered anything in your life.
Pics or didn't happen, gtfo failtroll.

Thomas Taylor
Thomas Taylor

Join their IRC and ask if you'd like to confirm it. I don't think they'd try to hide the fact that there have been issues. To be more specific, the most sever of which involved (multiple methods of) complete domain takeovers and DoS via inserting invalid DNS entries.

Kayden Howard
Kayden Howard

As long as you talk cryptic shit like that you might as well not say anything :-/
People who talk like you usually try to hide the fact that some mundane standard glitch was used, in this case a DNS one, that has nothing to do with the topic of discussion, in this case OpenNIC.

Tyler Parker
Tyler Parker

...so either link to a website or explain one of the issues you found :-/

Christian Evans
Christian Evans

why are you even here

Joseph Martin
Joseph Martin

Are you serious?
You can't just go around and claim OpenNIC is insecure (more insecure than other DNS providers) and not back it up.
Do you even science?

Wyatt Adams
Wyatt Adams

OpenNIC lacks the resources and drive necessary to actively develop and improve their systems.
The vulnerabilities I discovered weren't anything complex, just standard cases of naively trusting user input. This led to deleting/editing domains without ownership, inserting invalid DNS entries (DoS), and also editing the T1/T2 nameservers. I believe they've fixed the issues I've reported, but I had done penetration testing on them years prior and found similar issues at the time.
The unpatched T1/T2 code is available on Github, the issue is there's no authentication between edit.php's POST request to _edit.php: github.com/opennic/ldapServerEditor

Blake Turner
Blake Turner

bump3

William Mitchell
William Mitchell

Moot thread tbh in the days of more and more ISPs hijacking UDP port 53

Jose Roberts
Jose Roberts

Use dnscrypt-proxy as it forces you the user encrypted dns and the server operator to configure basic security/ssl as to encrypt the dns. OpenNIC and openDNS are just kike controlled opposition as poster above found out by their insecurity. Its a joke. Most dnscrypt-proxy servers are controlled by five eyes or the kikes in fake israel though.

Julian Rogers
Julian Rogers

HAPAS ARE SUPERIOR TO WHITES

Owen Walker
Owen Walker

HAPAS ARE SUPERIOR TO WHITES

Caleb Powell
Caleb Powell

HAPAS ARE SUPERIOR TO WHITES

Jason Parker
Jason Parker

HAPAS ARE SUPERIOR TO WHITES

Jaxon Long
Jaxon Long

HAPAS ARE SUPERIOR TO WHITES

Jayden Reed
Jayden Reed

HAPAS ARE SUPERIOR TO WHITES

Carson Barnes
Carson Barnes

HAPAS ARE SUPERIOR TO WHITES

Connor Rogers
Connor Rogers

HAPAS ARE SUPERIOR TO WHITES

Nathaniel Myers
Nathaniel Myers

HAPAS ARE SUPERIOR TO WHITES

Jonathan Ortiz
Jonathan Ortiz

HAPAS ARE SUPERIOR TO WHITES

Kayden Bailey
Kayden Bailey

Using the mainstream ones (Google, Cloudflare, ...) or your ISP's default one is a bad idea if you care about privacy. Imo a DNS should be uncensored, free, and it shouldn't log anything.
Here are some that I like:
digitalcourage.de/support/zensurfreier-dns-server (located in Germany)
dismail.de/info.html#dns (located in Germany)
blog.uncensoreddns.org/dns-servers/ (located in Denmark and USA)
securedns.eu/ (probably located in the Netherlands)

Note that DNS is always unencrypted by default. If you really want to prevent anyone from looking at your internet traffic by collecting your dns requests, you can check out DNSCrypt dnscrypt.info/protocol/ or DNS over TLS de.wikipedia.org/wiki/DNS_over_TLS
Not all servers support DNScrypt though and even fewer support DNS over TLS. However, digitalcourage and dismail do for example.

Lucas Moore
Lucas Moore

I smell some satanic fuckery here.

Isaiah Miller
Isaiah Miller

Looks like some Soros-funded controlled opposition to me.

Michael Murphy
Michael Murphy

Why is there so much racism in this thread?

Cameron Martinez
Cameron Martinez

I smell rats.

Michael Richardson
Michael Richardson

Fuck off moshe.

Brayden Sanchez
Brayden Sanchez

This isn't going to work. Try again.

Disable AdBlock to view this page

Disable AdBlock to view this page

Confirm your age

This website may contain content of an adult nature. If you are under the age of 18, if such content offends you or if it is illegal to view such content in your community, please EXIT.

Enter Exit

About Privacy

We use cookies to personalize content and ads, to provide social media features and to analyze our traffic. We also share information about your use of our site with our advertising and analytics partners.

Accept Exit