Some DNS questions
https://lemmy.ml/post/19772261
=> More informations about this toot | More toots from GolfNovemberUniform@lemmy.ml
There are host lists out there you can use, eg github.com/StevenBlack/hosts
tl;dr you append it to your OS hosts file. On Linux it’s /etc/hosts
=> More informations about this toot | More toots from hackerwacker@lemmy.ml
I suggest ControlD.com p2 server as its free and kills known malware, trackers, and ads with no work other than adding it. They have a p3 that blocks big social and p0 blocks nothing.
=> More informations about this toot | More toots from shortwavesurfer@lemmy.zip
ControlD is good, I have it setup at work. Their paid plans allow more fine control.
They can also be used to unlock geoblocking both on free and paid plans.
Coworkers need TikTok, YouTube, and Twitter, otherwise I would block that crap too.
=> More informations about this toot | More toots from Cheradenine@sh.itjust.works
I added ControlD p2 server for blocking ads, trackers, and malwRe to my familys’ phones, my phone, and my router. The fact that it blocks known malware by default is a big selling point for me.
=> More informations about this toot | More toots from shortwavesurfer@lemmy.zip
Here’s a video covering basically all of NextDNS’ settings! www.youtube.com/watch?v=WUG57ynLb8I
=> More informations about this toot | More toots from MrCamel999@programming.dev
This is the video that convinced me to get NextDNS and I don’t regret having made that decision
=> More informations about this toot | More toots from Cornflake_Dog@lemmy.wtf
Been using Nexdns and is great . It adds the part of adblocking and maybe more agresive and granular filtering
=> More informations about this toot | More toots from geography082@lemm.ee
Have a look at RethinkDNS, docs.rethinkdns.com/dns/ their wiki is pretty good. They have recommended block lists, and also have a feature that let’s you search inside block lists to see what they actually cover.
If you are on Android they have a companion app, you do not need to use it though. The app adds a good firewall (capture and redirect port 53 for example) and detailed logs if you want. You can block domains and specific IP addresses.
It’s all FOSS too
=> More informations about this toot | More toots from Cheradenine@sh.itjust.works
+1 for the android app ! If you’re “paranoid” you can block all apps by default and only allow apps you trust to connect to the internet. You can even for each app allow certain domains or IP’s, even wildcard domains for exemple to allow googles video chain like r3—sn-25glene6.googlevideo.com for only certain apps and not others… Like it’s fully customizable !!!
You can even hook your personal wireguard connection with DNS server like pihole…
RethinkDNS is awsome !
=> More informations about this toot | More toots from N0x0n@lemmy.ml
I really like the block all apps by default. I read release notes, download something, scan with App Manager. If that’s all good then it can connect to the internet.
And I use the Wikipedia app so I can block intake-analytics.wikimedia.org and the app still works.
=> More informations about this toot | More toots from Cheradenine@sh.itjust.works
I was recommended by a well-known privacy guide to use Rethink with AhaDNS Blitz, but it seems to fail often; nothing resolves until the VPN is stopped and restarted. Any ideas or advice?
=> More informations about this toot | More toots from f4f4f4f4f4f4f4f4@sopuli.xyz
I don’t have any experience with AhaDNS Blitz.
With RethinkDNS I have had occasional failures on their Max resolver, changing to Sky then works. That has only happened two times though, and was fixed with a few hours.
Sorry I can’t be more help.
=> More informations about this toot | More toots from Cheradenine@sh.itjust.works
Well, why don’t you just try NextDNS? Don’t like signing up to try a service? You don’t have to. Go to nextdns.io, click “Try it now” and there you go. No account required for 7 days.
You don’t need to add domains yourself, you just choose from existing blocklists they provide. Each have some description, just like all the settings.
Alternatively, Mullvad freely provides DNS with some blocking too, but you can’t edit anything.
=> More informations about this toot | More toots from user224@lemmy.sdf.org
Look into DNS over HTTPS. Otherwise no matter what provider you use, DNS is just unencrypted.
=> More informations about this toot | More toots from bokherif@lemmy.world
Dnscrypt-proxy supports DNS over https (doh), oblivious DNS over https (odoh), and dnscrypt (encrypted and anonymous DNS).
End to end encrypted.
You can use quad9, cloudflare, etc, or any provider you like.
=> More informations about this toot | More toots from masterofn001@lemmy.ca
This is the way.
=> More informations about this toot | More toots from zer0bitz@lemmy.world
This might be useful:
github.com/yokoffing/NextDNS-Config
neat.tube/w/19r4YnE6fpce6e2B9MepnB
Importmant if you seen the video: github.com/techlore/channel-content/issues/43
Disclaimer: I do not fully agree with what the authors say and disagree with some parts, but overall it’s useful information.
=> More informations about this toot | More toots from Upstream7564@discuss.tchncs.de
IMHO An old PC or Raspberry Pi + Pi-Hole or AdGuard Home is the way to go. Set up Wireguard if you need to use it outside of home, or if Youre adventurous you could buy a domain and expose DoH over port 443
=> More informations about this toot | More toots from JameUwU@lemmy.ml
+1 for RethinkDNS with DNSCrypt and anon relays
=> More informations about this toot | More toots from seaotter113@lemmy.world
I’ve used this list generating package for years now with great results: github.com/opencoff/unbound-adblock/tree/master
It is designed to generate blocking lists that can be used with unbound, the DNS resolver. There are even instructions for how to configure unbound so if you are new to it all you can follow along.
I use the resulting lists in my two local DNS name servers, running unbound.
The way it works is that if a query for a blocked address comes in to one of thenlocal DNS servers it returns a domain not found result. If the address is not on the block list then it forwards the query on to an internet DNS resolver securely using DoT.
You can gain further control over your DNS results by choosing those upstream resolvers carefully. Quad9 and Cloudflare etc all offer DoT resolving, along with some further filtering (eg. for malware), or completely unfiltered DNS if that’s what you want.
Services like cleanbrowsing.org offer more fine grained filtering, useful if you want a family-friendly set of DNS results, based off categorify.org. You can pay for really fine tuned results, or there is a free layer which provides still very useful basic categories.
Combining the two forms of filtering, local advert and tracking blocking, along with open internet content categorisation, seems to be very effective.
I get complaints about too many adverts when my kids are on WiFi away from home. I take it as a compliment.
=> More informations about this toot | More toots from yak@lmy.brx.io This content has been proxied by September (3851b).Proxy Information
text/gemini