Re: Securing DNS traffic

To: "NetBSD Users's Discussion List" <netbsd-users%netbsd.org@localhost>
Subject: Re: Securing DNS traffic
From: Andy Ruhl <acruhl%gmail.com@localhost>
Date: Mon, 25 May 2020 20:37:07 -0700

So I'm not big into DNS and I don't have a firm grasp on all of these
techniques, but I have an idea.

This is all just a big game of who are you hiding from right? If you
hide from your ISP, now you have to trust the DNS server provider. Who
among them are to be trusted?

For example I'm pretty sure I could set up a DNS proxy somewhere in
the "cloud" on some minimal operating system, then run ipsec in
transport mode between my router and that server, and point all my
clients to my proxy. There, I've successfully hidden from my ISP. I
could do it over IPv6 just to be extra obfuscated.

But does my ISP now get interested and ask the cloud provider where my
DNS traffic is going, then they ask the DNS server provider on the
other end? This is all very black helicopter type of stuff but I
suppose it's possible. Is this really how far it goes? Do I really
have to do everything through Tor?

Maybe I missed something.

Andy

Follow-Ups:
- Re: Securing DNS traffic
  - From: Sad Clouds

References:
- Securing DNS traffic
  - From: Sad Clouds
- Re: Securing DNS traffic
  - From: Havard Eidnes
- Re: Securing DNS traffic
  - From: Aaron B.
- Re: Securing DNS traffic
  - From: Niels Dettenbach
- Re: Securing DNS traffic
  - From: Aaron B.
- Re: Securing DNS traffic
  - From: Greg A. Woods

Prev by Date: Re: Securing DNS traffic
Next by Date: Re: Securing DNS traffic
Previous by Thread: Re: Securing DNS traffic
Next by Thread: Re: Securing DNS traffic
Indexes:

Home | Main Index | Thread Index | Old Index