I've changed my DNS resolver to Quad9 in Firefox (dns.quad9.net), but a test on https://www.dnsleaktest.com/ shows that I'm still using my ISP's DNS resolver!
What could be wrong? 🤔
a) Tor DNS (A and AAAA only)
b) bind9 - So that you avoid the middle party and fetch the data directly from the root servers
@frankie generic provider as in 3rd party providing a DNS server for name resolution as they by design see what servers are you accessing and are using it against you (global surveillance)
@kreyren
ok. What provider do you recommend I use?
@frankie Tor DNS or locally ran non-authoritative DNS server (e.g. bind9 which is super easy to deploy) to avoid using 3rd party to access root servers.
@frankie also beyond that DNSSEC to make sure that your DNS requests are not poisoned (redirection on a malicious website while showing the correct URL).
@kreyren
do you have an article/tutorial which shows hot to use Tor DNS? 😃
@frankie `man tor` / `info tor` is not enough? O.o
See DNSPort in https://2019.www.torproject.org/docs/tor-manual.html.en
tldr:
Add
DNSPort [address:]port|auto [isolation flags]
in your torrc and then change your DNS server on it e.g.
DNSPort 1234
"set DNS on 127.0.01:1234" e.g. `namserver 127.0.0.1:1234` in /etc/resolv.conf
@frankie Optionally the official support chat for tor is at ircs://irc.oftc.net:6697/#tor
@frankie npnp feel free to ask if you need help
@kreyren@qoto.org
Hi Jacob Hrbek.
What DNS provider would you recommend instead? 📝