Is there a way to make encrypted DNS resolutions?

Question

Is there a way to make encrypted DNS resolutions, so that a packet sniffer in the same network still can't guess what DNS has been requested?

Maybe, just thinking, by tunneling DNS requests through an HTTPS connection?

score 8 · Answer 1 · answered Nov 11 '12 at 22:49

8

Sure. Use a VPN. Preferably one with good hard encryption. I'm thinking IPSEC using AES/SHA.

But then all your traffic gets tunneled. Not sure if that's a good thing or not, for you.

answered Nov 11 '12 at 22:49

Tom O'Connor

27,578

score 2 · Answer 2 · answered Nov 12 '12 at 01:23

2

Check out DNSCurve by Daniel J. Bernstein. It's stated main point:

Confidentiality: DNS requests and responses today are completely unencrypted
and are broadcast to any attacker who cares to look. DNSCurve encrypts
all DNS packets.

answered Nov 12 '12 at 01:23

atx

1,311

score 1 · Answer 3 · answered Nov 11 '12 at 22:49

1

I'd use a VPN to a trusted host/network, or maybe tor.

answered Nov 11 '12 at 22:49

Dennis Kaarsemaker

19,819

Is there a way to make encrypted DNS resolutions?

3 Answers3

Linked