What DNS do you use?

What DNS do you use?

I've been using OpenDNS for a while, but seems like they don't let you reach cock.li, which doesn't seem really (((open))).
Services like Google and FreeDNS are even more fishy/botnet...

Other urls found in this thread:

simplednscrypt.org/
twitter.com/SFWRedditVideos

Use dnscrypt-proxy or run a name server locally and query it.

Seems like this question ought to be in one of the stickies.

Wow what the fuck. I've been using OpenDNS for a very long time and this is the first I've ever encountered an apparently blocked or de-listed domain. When did they start doing this shit?

Way too much trouble for something as simple as DNS. I just need something that doesn't fuck me in the ass

I've been using OpenNIC for the past year or two. It is good.

Thanks, user!
This seems like the least bad option so far.

google, unironically.

>>>Holla Forums

Tor daemon provides encrypted access to their DNS servers. You just instar tor, configure a port and set your system DNS to 127.0.0.1:
OpenNic with DNSCrypt is also a good alternative.

dns.d0wn.biz has DNSCrypt-proxy addresses I use, with OpenNIC as backups, OpenDNS is NSA. Avoid asap

dnscrypt.pl
opennic.org
4.2.2.2

t. freech

I literally just need to tick one check box on my tomato router to enable dnscrypt.

OpenDNS has always been cancer, I don't know why you all hopped on it. The whole reason it started was to spam people via typo squatting and sell data.

what router do you have?

This is the first time I've seen someone on Holla Forums who voluntarily uses it. Are you confusing it with OpenNIC? That's fairly popular here.

I thought tor just hits the DNS of w/e the exit proxy is?

That's how I understand it, too. So if the exit node operator is a bad actor, he could theoretically be redirecting you to fake sites. For what reason I don't know, since he still wouldn't know your ip address.

simplednscrypt.org/

i've thought about setting up some kind of custom dns server / vm, that hits a couple dns servers over tor, and checks for consensus. You could open up more than 1 DNSPort, hit them all and then only return something if there's consensus, and/or connect to a vpn over tor and hit regular dns servers

dat lag tho mane

etc.

check out convergence by moxie marlin spike, let's you do exactly that.

...

Unbound.

Reminder that OpenDNS is Cisco. They'll gladly whore themselves to anyone willing to pay.


Let me give you some reasons to use dnscrypt-proxy: it comes with a nice adblocking list and you can filter hostnames using wildcards. Let's see any other caching dns proxy try that (Unbound I'm looking at your heavy ass).


d0wn left OpenNIC. What happened? Is he still trustworthy? There's like zero information of who he is out there (or any of the other OpenNIC member servers for that matter)

He probably got a 'National Security Letter' and decided to close up shop rather than work for the spooks. When privacy/security/anonymity services suddenly end with no rhyme, reason, or explanation, that's always a good bet.

I didn't even know it can filter hostnames with wildcards. Thats a huge fucking feature to me, thanks.

You're going to run into trouble with hostnames that intentionally resolve to multiple IPs.

Run unbound against root nameservers with dnssec enabled.

The servers are working fine but he delisted himself from OpenNIC. There's an announcement somewhere in his blog I'm too untermensch to understand it.