DNS Server Privacy

Hey everyone,

Wanted to hear this community's thoughts on DNS servers and privacy implications. Currently I am using OpenDNS, but am revisiting other DNS services due to any privacy issues that misuse of a DNS could cause.

What DNS providers do you all use? Or do you roll your own?

1 Like

Privacy is a heck of a chore on the internet and mostly pointless. But playing with networking is fun so my vote is definitely for roll your own.

Found that yesterday, might be a good read for you:
https://www.linuxjournal.com/content/own-your-dns-data?page=0,0

I am still pondering if I should set my bind9 to directly ask the root servers.

1 Like

You could roll your own. Though remember your DNS will ask others for info to get the IP for you.

OpenNIC, which is actually open, is a community-run DNS service with many servers running with no logging. You might look at that.

1 Like

Thanks for the heads up on this

Yeah I was looking into OpenNIC actually.

Was hesitant due to the policies being determined by the individual operators, but I've only heard good things. Will give it a try.

They list the policies for each server. And you pick the servers. Better than OpenDNS, which is neither open nor in it for you. They're in it for money, so like Google, you're the product.

1 Like

Not entirely true, you have to pick a DNS that has no logging. To do that, you'll have to choose one manually from the list instead of just using the ones they give you automatically under "Give me the numbers, I know what I'm doing!" on the homepage. Many of the ones based in US and Canada have gone dark in the past five years.

Right, if you don't look at the list, sure, the home page gives you a random pick. But the list is there and it tells you what the server does or doesn't do.

The downside of not being the customer, I suppose?

Actually, they're not so random. I believe the site can detect your IP...if you're not spoofing it or using a VPN. There needs to be a way to flag servers that are down, but the new anycast servers largely solve this problem.

Looks like it picks some servers with some reference to your location, but it's always giving me at least one extra out-of-country option. Prefers EU servers slightly more, 2/4, in the UK. Prefers US servers slightly more, 3/4, in the US.

I believe there's some automatic testing for monitoring servers?

There is but it's slow. I know this is probably to give the owner the benefit of the doubt, but there really should be some kind of warning flag, or indication right on the list page, instead of having to click for further details. Otherwise you'll have to resort to trial-and-error to find a working one.

You could run your own DNS server with something like a Raspberry Pi or OpenWrt on your router. Currently I'm running Google DNS, but I'm hoping to get my own DNS server set up once I build a decent PC for caching and various other tasks.