RandomDNS: makes DNS secure – Penetration Testing

RandomDNS aims to improve the security, privacy and anonymity of DNSCrypt. It can randomize the server choice at runtime and can rotate it frequently.

What is DNSCrypt?

DNSCrypt is a protocol that authenticates communications between a DNS client and a DNS resolver. It prevents DNS spoofing. It uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven’t been tampered with.

More informations at https://dnscrypt.org/

Features of RandomDNS

Randomize the provider at runtime

Use (-E)phemeral keys option

Securely run DNSCrypt proxy by verifying its hash, copying it in /tmp dir with restricted permissions and launching it as “nobody” user (if reverse proxy is enabled)

Watch the proxy process and relaunch it if it dies

Can run multiple instances of DNSCrypt and load balance the traffic (EdgeDNS)

Have in-memory caching of DNS requests along with Consistent Hashing (EdgeDNS)

Can filter the server list by protocols, country and much more

Rotate the server with a defined time (default: 10 minutes)

Support DNSSEC (EdgeDNS)

How to use it

Update Brew: brew update && brew upgrade

Install DNSCrypt + Node + NPM: brew install dnscrypt-proxy node npm

Download and run RandomDNS: npm install -g randomdns && sudo DEBUG=* randomdns

Set your DNS settings to 127.0.0.1

Source: Github

The post RandomDNS: makes DNS secure appeared first on Penetration Testing.

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s