Which DNS servers to trust?

This page summarizes the projects mentioned and recommended in the original post on /r/dnscrypt
Dnscrypt dnscrypt-proxy Doh DNS dnscrypt-proxy2

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • dnscrypt-resolvers

    Lists of public DNSCrypt / DoH DNS servers and DNS relays

    • In the public resolvers list are a lot of servers listed; but how can you be sure that they are not malicious? (Sorry if this is a dumb question, but i couldnt find anything about that)

  • dnscrypt-proxy

    dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.

    • Apparently local DNSSEC validation is not yet available for dnscrypt-proxy according to this. So DNSSEC may ensure that the recursive resolver (DNS server) has correct data but does not stop it from deliberately returning malicious data. The only solution i could think of is locally running a dnsmasq/... server with DNSSEC validation. But i dont think that every domain/zone supports DNSSEC yet. So it might not be fully effective. Even then it probably wouldnt be that performant.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts