DNS Crypt!

[John Connor]

I was just looking at DNS software on Sanpfiles.com and found DNS Crypt. What it does is encrypt you DNS and sends them to OpenDNS to prevent Man In The Middle attacks. I have the 443 option on and ran a network sniffer and all my DNS traffic is in fact using 443 and is encrypted. I'm impressed.

http://www.opendns.com/about/innovations/dnscrypt/

I just noticed that the download link in there is all dorked up with source code and crap. Here is the download. http://www.snapfiles.com/get/dnscrypt.html

 

[John Connor]

I had this installed, but it caused problems with a VPN program. It doesn't interfere with Windows VPN though. I had also installed it to a computer with UAC on and on every boot UAC would pop up. The UAC settings is on the highest.


Uninstalling this is a PITA. First open the DNScrypt icon in the taskbar and uncheck all the options to restore your default DNS. You have to delete the folder Opendns in the programs files folder, then you need to get StartupCPL and look at the startup for OpenDNS, deselect it. Use Everything.exe to find the .exe for the startup. It's a long name so you need to click on the OpenDNS entry in StartupCPL and copy/paste the file's name in everything.exe to find it. Once found delete.

Figured I'd share encase someone wants to uninstall this.

 

[PrincessFrosty]

I'd read up on SDNS and Dan Kaminskys work a while back, it's a good idea because DNS is one of the last real weakspots in networking and getting the whole thing SSL'd and backed by certificates for authentication is paramount. I've not looked into DNS Crypt, however I do implement OpenDNS in several places so I might go this route, thanks for bring it to our attention.