[kwlug-disc] CCC talk about DNS(ystem)

Chris Irwin chris at chrisirwin.ca
Thu Apr 9 02:09:00 EDT 2020


On Thu, Apr 09, 2020 at 12:48:23AM +0000, Doug Moen wrote:

>What are the privacy and security implications of running your own DNS 
>server (BIND), as opposed to relying on your ISP's DNS servers?

You may already have a local caching DNS server if you're using a 
consumer router (dnsmasq, likely, instead of BIND). By default, it will 
just forward requests to your ISP, but you can change that in pretty 
much any router. (Whether you can enable/enforce DoT or DoH lookups on 
your router really depends on the firmware, and probably isn't common).

DoT would require you to configure your system to use it (applications 
have no control over it). That is one of several reasons DoH is gaining 
support in browsers, because Firefox can add encrypted DNS lookups into 
the software (and get more information about the responses as well) 
without "hoping" the system does it (most don't).

-- 
Chris Irwin

email:   chris at chrisirwin.ca
  xmpp:   chris at chrisirwin.ca
   web: https://chrisirwin.ca



