My ISPs DNS lookup takes literally one second every time, so I went with Quad9, it really sped up my browsing. Do you know any other alternatives?

  • tal@lemmy.todayEnglish
    10·
    2 months ago

    You could probably just piggyback off some random DNS server out there that permits public queries. I doubt that most domains are logging everything.

    $ egrep "^[a-z]+$" /usr/share/dict/words|shuf|sed "s/$/.com/"|xargs -n1 host -t ns|grep "name server"|cut -d" " -f 4|awk '!seen[$0]++'|xargs -n1 host www.slashdot.org|awk '/^$/ {f=0} /has address/ {f=1} /^Name:/ {if (f) {print}}'
Name: ns2.afternic.com.
Name: ns1.bluehost.com.
Name: ns2.bluehost.com.
Name: ns-570.awsdns-07.net.
Name: ns1.sedoparking.com.
Name: ns02.cashparking.com.
Name: ns01.cashparking.com.
Name: ns1.namefind.com.
Name: ns2.namefind.com.

    etc.

    That’ll look up the DNS server for a bunch of domains and, omitting duplicates, list all of the ones that can resolve “www.slashdot.org”, which I imagine likely means that they’ll also probably be willing to resolve other domains.

    EDIT: Modified the above command line to randomize the order of domains it tries so that if multiple people use this, everyone doesn’t just grab the same DNS server.

    • cracked_void@kbin.earthOP
      1·
      2 months ago

      I didn’t know that one too. They seem to be based in the US, and apparently they seem to be a profit-oriented organization. I’ll keep them in the back of my mind, maybe I’ll consider them in a few years.

  • hexagonwin@lemmy.today
    4·
    2 months ago

    i just use Quad9 too, or firefox’s builtin DoH cloudflare since i’m a bit lazy… (though it’s very likely not a good option)

  • neidu3@sh.itjust.worksMEnglish
    3·
    2 months ago

    I always used 4.2.2.2 and 4.2.2.1. Not sure how privacy friendly they are, but probably miles more than 8.8.8.8

      • neidu3@sh.itjust.worksMEnglish
        5·
        2 months ago

        Well, it belongs to Google, so I assume they use it for logging which addresses do which lookups, and correlate this with their other fingerprinting databases. I very much doubt they run a public DNS just to be nice.

        • Balinares@pawb.social
          2·
          2 months ago

          I mean, that’d be a major GDPR breach, be hard to extract any signal from because queries will usually be coming from a relay or from behind a NAT so you can’t tell who the query even originates from, and DNS is cached heavily too so you only get a small fraction of the queries anyway. I’m not seeing a way the calculus work in favor, basically.

          OTOH the question of why they’d even run a public DNS is interesting, yeah. Running a public DNS is cheap and helps the Internet work better, and they make more money when the Internet works better since that adds up to more page views. Less charitably, though, it’s possibly just a thing from back when they were an engineering company first and foremost and did that kind of stuff, and now they can’t turn it off without breaking a lot of things and causing a lot of costly anger.

  • ZoteTheMighty@lemmy.zip
    3·
    2 months ago

    I’ve been using a PiHole for years now. It’s super easy to set up. In practice, it’s been the most reliable thing I keep on a pi. Technically, you don’t need to host it on a raspberry pi, but you should host it on an always-on computer on your network.

    Kind of a different way of looking at security; you can’t guarantee someone’s not keeping DNS logs, but you can guarantee that your DNS logs on a hard drive in your house aren’t being shared.