cross-posted from: https://lemmy.ml/post/26984767

DNS0 EU

The European public DNS that makes your Internet safer.

A free, sovereign and GDPR-compliant recursive DNS resolver with a strong focus on security to protect the citizens and organizations of the European Union.

  • IZZI@lemm.ee
    link
    fedilink
    English
    arrow-up
    2
    ·
    6 days ago

    No, I just don’t understand how a DNS can be secure or not secure

    • towerful@programming.dev
      link
      fedilink
      arrow-up
      3
      ·
      6 days ago

      You can get a lot of metadata from DNS lookups.

      Traditional DNS is just simple UDP. There is no authentication of authority.
      There are actually DNS attacks where - if you are intercepting the traffic - you can reply faster than the actual DNS. At which point the client will trust whatever you return as it arrived first.
      Indeed, that’s how multiple DNS addresses work. Your computer will yeet a request to all configured DNS. First response gets used.

      Also, as it’s unencrypted, anyone that can snoop the traffic can see what domain names you are requesting.

      There are a few standards that are working to solve this including DoH (DNS over HTTPS) and DoT (DNS over TLS).

    • twix@infosec.pub
      link
      fedilink
      arrow-up
      2
      ·
      6 days ago

      You can see a DNS server as a phone book for your computer. Your computer needs to seek a connection to an ip address to display a website for example. But you as a user only knows the url of the website. So your computers asks the dns server which ip address it should go to.