[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] ORSN DNS servers vs OpenNic



Check this list and choose the ones with the lowest ping from your node:
https://www.lifewire.com/free-and-public-dns-servers-2626062

Make sure to avoid DNS servers marketed as "secure" (for example, do
NOT use "Comodo Secure DNS") since they perform arbitrary
censorship/redirection. Also, do not use Google as it already sees
>30% of all Tor exit traffic.

On your node, run dnsmasq with a large (10000) cache as a fast and
secure alternative to running a full DNS server. That can prevent some
DNS-based timing attacks.


On Fri, Aug 4, 2017 at 7:29 AM, niftybunny
<abuse@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
> I got lots of  "[WARN] eventdns: All nameservers have failed" with my own
> DNS server. With the 4 DNS servers I posted here a few minutes ago, I never
> saw this warning again.
>
> niftybunny
>
> “Cheery was aware that Commander Vimes didn't like the phrase 'The innocent
> have nothing to fear', believing the innocent had everything to fear, mostly
> from the guilty but in the longer term even more from those who say things
> like 'The innocent have nothing to fear'.”
>
> ― Terry Pratchett, Snuff
>
> On 4. Aug 2017, at 16:23, Matt Traudt <sirmatt@xxxxxxx> wrote:
>
>
>
> On 8/4/17 10:11, Chuck McAndrew wrote:
>
> What are the best DNS servers to use for Privacy? I have been using
> OpenNic Project servers which don't do logging, but recently found out
> about the Open Root Server Network (ORSN) and have been considering
> using them as well. Does anyone have any thoughts, positive or negative,
> about either of these? Are there better public DNS servers to use?
> Thanks
> Chuck
>
>
> If I remember the following paper correctly, the best case scenario
> would be for each exit to run its own DNS resolver. You should read it
> and make sure I remember correctly ;)
>
> https://freedom-to-tinker.com/2016/09/29/the-effect-of-dns-on-tors-anonymity/
>
> https://nymity.ch/tor-dns/tor-dns.pdf
>
> Matt
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays