[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Secure dns queries

Subject: [ale] Secure dns queries
From: agcarver+ale at acarver.net (Alex Carver)
Date: Sun, 2 Apr 2017 17:16:43 -0700
In-reply-to: <CAEo=5PxfxqXVw7kQQxgrNXMuvgJ8rYmWfeeYETBitudqHB_wnw@mail.gmail.com>
References: <CAEo=5Py0cZWPs4kEpxW85Y7RHtOMj5BYsOKNc=ZwOF5j9-jU8A@mail.gmail.com> <CAEo=5PygH7Be3v-_1TLhLJdZn6-M5Fnawe5kXo+dCYEdU7n8FA@mail.gmail.com> <CAEo=5PxWrESk=r2j662NgyPC2QvYG8SMwHJ32vNN2tAYqoFt+Q@mail.gmail.com> <CAEo=5PxcX6cYOcNWpZZm2GY2Z-Xf9hpZOW9dd9jT_+t6dOu5tg@mail.gmail.com> <CAEo=5Pxo1uS-AXuK1DD8CfU4fpE0ZvwOaJnavd1nFg0At0-Z9w@mail.gmail.com> <CAEo=5PxfxqXVw7kQQxgrNXMuvgJ8rYmWfeeYETBitudqHB_wnw@mail.gmail.com>

On 2017-04-02 16:56, Jim Kinney wrote:
> With the new "Comcast can sell your data" crap, I've been looking at various 
> privacy solutions (vpn, tor, etc) and I realized a metadata problem: dns. The 
> queries are NOT encrypted. The security is in place to prevent/slow bogus data 
> but "Fred's looking up the IP address for another pr0n site" data still exists.
> 
> Solutions. Comments.

You can tunnel your DNS queries over VPN if you set up full VPN.  If
you're just wanting to cover the browser and leave everything else then
set the browser up for SOCKS 5, tunnel over SSH to a remote host and
enable the setting for DNS over SOCKS in the browser which will use the
tunnel endpoint DNS resolver instead of yours.  You can't hide from that
end's resolver records but your ISP won't have them.

Follow-Ups:
- [ale] Secure dns queries
  - From: dustin.h.strickland at gmail.com (Dustin Priest)

References:
- [ale] Secure dns queries
  - From: jim.kinney at gmail.com (Jim Kinney)

Prev by Date: [ale] Secure dns queries
Next by Date: [ale] Secure dns queries
Previous by thread: [ale] Secure dns queries
Next by thread: [ale] Secure dns queries
Index(es):
- Date
- Thread