The provider replaces DNS records and redirects other people's DNS servers to its own

K

krll-k2015-01-30 16:52:10

Domain Name System

krll-k, 2015-01-30 16:52:10

The provider replaces DNS records and redirects other people's DNS servers to its own — How is it?

With the help of https://github.com/ValdikSS/blockcheck , I determined a way to block my provider

[!] Result:
[⚠] Your ISP replaces DNS records and redirects other DNS servers to its own.
You should use an encrypted channel to DNS servers, such as VPN, Tor, or HTTPS/Socks proxies.
[⚠] Your ISP has a "regular" DPI.
HTTPS/Socks proxy, VPN or Tor will help you.

Tor didn't work and VPN is expensive - what does " You should use an encrypted channel to DNS servers " mean? — How is that?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

V

Vlad Zhivotnev, 2015-01-30
@inkvizitor68sl

It's easy. DNS traffic is not encrypted out of the box, it is easy to redirect it on the network to where it needs to be.
You are hinted at this - https://www.opendns.com/about/innovations/dnscrypt/

D

Dmitry, 2015-02-04
@Ermito

What browser did you use with Tor? Requests to dns can also be started through the tor. in FF in new versions in the settings there is a "Remote DNS" checkbox, in older versions in about: config you can enable it. In addition, you need to clean "Settings / Privacy / Recent History", as the browser caches requests to the dns server

P

panaceya, 2015-01-30
@panaceya

What if you use your own DNS server? (set local DNS service and use 127.0.0.1 as DNS server in network settings).