hello friends! new(ish)!

DNS: Difference between revisions

From InstallGentoo Wiki v2
Jump to navigation Jump to search
>Mrsnooze
m (added dns protest photo, typo)
>Galactus
(Fixed formatting and ffs, are you insane? Suggesting GOOGLE's DNS servers of all corporations?)
Line 1: Line 1:
'''Domain Name Systems''' convert domain names (e.g. wiki.installgentoo.com) into ip addresses (e.g. 176.9.127.115). By default, you're probably using your ISP's DNS.
'''Domain Name Systems''' convert domain names (e.g. wiki.installgentoo.com) into ip addresses (e.g. 176.9.127.115). By default, you're probably using your ISP's DNS.


= Alternative DNS Servers =
== Alternative DNS Servers ==
If you're unhappy with your ISP's DNS services, consider the following:
If you're unhappy with your ISP's DNS services, consider the following:
; Google
: 8.8.8.8
: 8.8.4.4


; OpenNIC
; OpenNIC
: The [https://www.opennicproject.org/ OpenNIC Project] relies on volunteers to provide censorship free DNS servers.
: The [https://www.opennicproject.org/ OpenNIC Project] relies on volunteers to provide censorship free DNS servers.


= Problems with DNS =
== Problems with DNS ==
* DNS can be used for censorship.
* DNS can be used for censorship.
[[File:dnsboobs.jpg|thumb|200px|right|Arab Spring protestor advising alternative DNS servers to avoid government censorship.]]
[[File:dnsboobs.jpg|thumb|200px|right|Arab Spring protestor advising alternative DNS servers to avoid government censorship.]]
Line 20: Line 16:
: If an attacker controls your DNS (e.g. poisoned WiFi), they can redirect your requests to malicious servers. HTTPS with valid certificates can protect against this, but tech illiterate users generally click through security warnings with gay abandon.
: If an attacker controls your DNS (e.g. poisoned WiFi), they can redirect your requests to malicious servers. HTTPS with valid certificates can protect against this, but tech illiterate users generally click through security warnings with gay abandon.


= Securing DNS =
== Securing DNS ==
Main Article: [[Anonymising_Yourself#DNS | Anonymous DNS]]
Main Article: [[Anonymising_Yourself#DNS | Anonymous DNS]]

Revision as of 05:45, 5 March 2016

Domain Name Systems convert domain names (e.g. wiki.installgentoo.com) into ip addresses (e.g. 176.9.127.115). By default, you're probably using your ISP's DNS.

Alternative DNS Servers

If you're unhappy with your ISP's DNS services, consider the following:

OpenNIC
The OpenNIC Project relies on volunteers to provide censorship free DNS servers.

Problems with DNS

  • DNS can be used for censorship.
Arab Spring protestor advising alternative DNS servers to avoid government censorship.
The DNS owner can redirect any domain name to any IP address. This can happen due to siteblocking legislation (e.g. U.K.) or totalitarian governments (e.g. Arab Spring).
DNS is the simplest way to block a website from a tech illiterate user, and also the easiest site blocking method to circumvent.
  • DNS can be used for Man in the Middle attacks.
If an attacker controls your DNS (e.g. poisoned WiFi), they can redirect your requests to malicious servers. HTTPS with valid certificates can protect against this, but tech illiterate users generally click through security warnings with gay abandon.

Securing DNS

Main Article: Anonymous DNS