[ale] Secure dns queries

Alex Carver agcarver+ale at acarver.net
Sun Apr 2 20:16:43 EDT 2017


On 2017-04-02 16:56, Jim Kinney wrote:
> With the new "Comcast can sell your data" crap, I've been looking at various 
> privacy solutions (vpn, tor, etc) and I realized a metadata problem: dns. The 
> queries are NOT encrypted. The security is in place to prevent/slow bogus data 
> but "Fred's looking up the IP address for another pr0n site" data still exists.
> 
> Solutions. Comments.

You can tunnel your DNS queries over VPN if you set up full VPN.  If
you're just wanting to cover the browser and leave everything else then
set the browser up for SOCKS 5, tunnel over SSH to a remote host and
enable the setting for DNS over SOCKS in the browser which will use the
tunnel endpoint DNS resolver instead of yours.  You can't hide from that
end's resolver records but your ISP won't have them.



More information about the Ale mailing list