Re: Securing DNS traffic

So I'm not big into DNS and I don't have a firm grasp on all of these
techniques, but I have an idea.

This is all just a big game of who are you hiding from, right? If you
hide from your ISP, now you have to trust the DNS server provider. Who
among them is to be trusted?

For example, I'm pretty sure I could set up a DNS proxy somewhere in
the "cloud" on some minimal operating system, then run IPsec in
transport mode between my router and that server, and point all my
clients to my proxy. There, I've successfully hidden from my ISP. I
could do it over IPv6 just to be extra obfuscated.

But does my ISP now get interested and ask the cloud provider where my
DNS traffic is going, then they ask the DNS server provider on the
other end? This is all very black helicopter type of stuff but I
suppose it's possible. Is this really how far it goes? Do I really
have to do everything through Tor?

Maybe I missed something.


