I've changed my DNS resolver to Quad9 in Firefox (dns.quad9.net), but a test on https://www.dnsleaktest.com/ shows that I'm still using my ISP's DNS resolver!
What could be wrong? 🤔
@frankie So using a generic DNS provider and being concerned about DNS leaks? Do you even privacy
@frankie generic provider as in 3rd party providing a DNS server for name resolution as they by design see what servers are you accessing and are using it against you (global surveillance)
@kreyren
ok. What provider do you recommend I use?
@frankie Tor DNS or locally ran non-authoritative DNS server (e.g. bind9 which is super easy to deploy) to avoid using 3rd party to access root servers.
@frankie also beyond that DNSSEC to make sure that your DNS requests are not poisoned (redirection on a malicious website while showing the correct URL).
@kreyren
do you have an article/tutorial which shows hot to use Tor DNS? 😃
@frankie `man tor` / `info tor` is not enough? O.o
See DNSPort in https://2019.www.torproject.org/docs/tor-manual.html.en
tldr:
Add
DNSPort [address:]port|auto [isolation flags]
in your torrc and then change your DNS server on it e.g.
DNSPort 1234
"set DNS on 127.0.01:1234" e.g. `namserver 127.0.0.1:1234` in /etc/resolv.conf
@frankie npnp feel free to ask if you need help
@kreyren
thanks!