[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] Secure dns queries
- Subject: [ale] Secure dns queries
- From: dustin.h.strickland at gmail.com (Dustin Priest)
- Date: Sun, 2 Apr 2017 22:09:50 -0400
- In-reply-to: <[email protected]>
- References: <CAEo=5Py0cZWPs4kEpxW85Y7RHtOMj5BYsOKNc=ZwOF5j9-jU8A@mail.gmail.com> <CAEo=5PygH7Be3v-_1TLhLJdZn6-M5Fnawe5kXo+dCYEdU7n8FA@mail.gmail.com> <CAEo=5PxWrESk=r2j662NgyPC2QvYG8SMwHJ32vNN2tAYqoFt+Q@mail.gmail.com> <CAEo=5PxcX6cYOcNWpZZm2GY2Z-Xf9hpZOW9dd9jT_+t6dOu5tg@mail.gmail.com> <CAEo=5Pxo1uS-AXuK1DD8CfU4fpE0ZvwOaJnavd1nFg0At0-Z9w@mail.gmail.com> <CAEo=5PxfxqXVw7kQQxgrNXMuvgJ8rYmWfeeYETBitudqHB_wnw@mail.gmail.com> <[email protected]>
Adding to VPN, another possibility may be to make a gateway that routes
all traffic from your LAN to the internet through TOR. I recall seeing
something called Onion Pi or similar that does this with a Raspberry Pi
if you want an easy drop-in solution.
On 4/2/2017 8:16 PM, Alex Carver wrote:
> On 2017-04-02 16:56, Jim Kinney wrote:
>> With the new "Comcast can sell your data" crap, I've been looking at various
>> privacy solutions (vpn, tor, etc) and I realized a metadata problem: dns. The
>> queries are NOT encrypted. The security is in place to prevent/slow bogus data
>> but "Fred's looking up the IP address for another pr0n site" data still exists.
>>
>> Solutions. Comments.
> You can tunnel your DNS queries over VPN if you set up full VPN. If
> you're just wanting to cover the browser and leave everything else then
> set the browser up for SOCKS 5, tunnel over SSH to a remote host and
> enable the setting for DNS over SOCKS in the browser which will use the
> tunnel endpoint DNS resolver instead of yours. You can't hide from that
> end's resolver records but your ISP won't have them.
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo