|
DNSCrypt
DNSCrypt is a network protocol that authenticates and encrypts Domain Name System (DNS) traffic between the user's computer and recursive name servers. It was originally designed by Frank Denis and Yecheng Fu. Although multiple free and open source software implementations exist, the protocol was never proposed to the Internet Engineering Task Force (IETF) by the way of a Request for Comments (RFC). It is available for a variety of operating systems, including Unix, Apple iOS, Linux, Android, and Microsoft Windows. DNSCrypt wraps unmodified DNS traffic between a client and a DNS resolver in a cryptographic construction in order to detect forgery. Though it doesn't provide end-to-end security, it protects the local network against man-in-the-middle attacks. The free and open source software implementation dnscrypt-proxy additionally integrates ODoH. It also mitigates UDP-based amplification attacks by requiring a question to be at least as large as the corresponding response. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Domain Name System
The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985. The Domain Name System delegates the responsibility of assigning domain names and mapping those names to Internet resources by designating authoritative name servers for each domain. Network administrators may delegate authority over sub-domains of their allocated name space to other name servers. This mechanism provides distributed and fault tolerance, fault-tolerant service and was designed to avoid a single ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OpenDNS
OpenDNS is an American company providing Domain Name System (DNS) resolution services—with features such as phishing protection, optional content filtering, and DNS lookup in its DNS servers—and a cloud computing security product suite, Umbrella, designed to protect enterprise customers from malware, botnets, phishing, and targeted online attacks. The OpenDNS Global Network processes an estimated 100 billion DNS queries daily from 85 million users through 25 data centers worldwide. On August 27, 2015, Cisco acquired OpenDNS for million in an all-cash transaction, plus retention-based incentives for OpenDNS. OpenDNS's business services were renamed Cisco Umbrella; home products retained the OpenDNS name. Cisco said that it intended to continue development of OpenDNS with its other cloud-based security products, and that it would continue its existing services. Until June , OpenDNS provided an ad-supported service and a paid advertisement-free service. The services are based ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Yandex Browser
Yandex Browser (Russian: Яндекс.Браузер) is a freeware web browser developed by the Russian technology corporation Yandex that uses the Blink web browser engine and is based on the Chromium open source project. The browser checks webpage security with the Yandex security system and checks downloaded files with Kaspersky Anti-Virus. The browser also uses Opera Software's Turbo technology to speed web browsing on slow connections. The browser is available for Windows, macOS, Linux, Android and iOS. Yandex is facing web search competition in Russia from Google Search. Google Chrome, Russia's most popular web browser, uses Google Search as its default search engine. In June 2012, Mozilla Firefox, the world's third most popular web browser, signed a deal to replace its default search engine Yandex Search with Google Search. As Yandex Browser's "Smartbox" uses Yandex Search as its default search engine, the browser will help Yandex compete for Russian search market shar ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DNS Over TLS
DNS over TLS (DoT) is a network security protocol for encrypting and wrapping Domain Name System (DNS) queries and answers via the Transport Layer Security (TLS) protocol. The goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data via man-in-the-middle attacks. The well-known port number for DoT is 853. While DNS-over-TLS is applicable to any DNS transaction, it was first standardized for use between stub or forwarding resolvers and recursive resolvers, in in May of 2016. Subsequent IETF efforts specify the use of DoT between recursive and authoritative servers ("Authoritative DNS-over-TLS" or "ADoT") and a related implementation between authoritative servers (Zone Transfer-over-TLS or "xfr-over-TLS"). Server software BIND supports DoT connections as of version 9.17. Earlier versions offered DoT capability by proxying through stunnel. Unbound has supported DNS over TLS since 22 January 2018. Unwind has supported ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Quad9
Quad9 is a global public recursive DNS resolver that aims to protect users from malware and phishing. Quad9 is operated by the Quad9 Foundation, a Swiss public-benefit, not-for-profit foundation with the purpose of improving the privacy and cybersecurity of Internet users, headquartered in Zurich. It is the only global public resolver which is operated not-for-profit, in the public benefit. Quad9 is entirely subject to Swiss privacy law, and the Swiss government extends that protection of the law to Quad9's users throughout the world, regardless of citizenship or country of residence. Security and privacy Several independent evaluations have found Quad9 to be the most effective (97%) at blocking malware and phishing domains. As of June, 2021, Quad9 was blocking more than 100 million malware infections and phishing attacks per day. Quad9's malware filtering is a user-selectable option. The domains which are filtered are not determined by Quad9, but instead supplied to Quad9 ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
AdGuard
Developed by AdGuard Software Limited, AdGuard offers open-source, free, and shareware products. AdGuard's DNS app supports Microsoft Windows, Linux, macOS, Android and iOS. AdGuard is also available as a browser extension. AdGuard Software Limited was founded in 2009 in Moscow. In 2014 AdGuard Software Limited's products became available in Cyprus to where its headquarters were subsequently moved. Features AdGuard features include: AdGuard Home AdGuard Home acts as a recursive DNS resolver, which responds with an invalid address for domains that appear in its filter lists quests. It is similar to Pi-hole. AdGuard Browser extensions The browser extension blocks video ads, interstitial ads, floating ads, pop-ups, banners, and text ads. There is a possibility to handle anti-AdBlock scripts. The product also blocks spyware and warns users of malicious websites. AdGuard Content Blocker is an additional browser extension for browsers Yandex Browser and Samsung Internet ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OpenNIC
OpenNIC (also referred to as the OpenNIC Project) is a user-owned and -controlled top-level Domain name registry, Network Information Center that offers a non-national alternative to traditional top-level domain (TLD) Domain name registry, registries such as ICANN. As of January 2017, OpenNIC recognizes and peers all existing ICANN Top-level domain, TLDs, for compatibility reasons. However, OpenNIC has not yet evaluated and does not hold a formal position on Proposed top-level domain, future ICANN TLDs. In addition to resolving hostnames in the ICANN Root name server, root, OpenNIC also resolves hostnames in OpenNIC-operated namespaces, as well as within namespaces with which Peering, peering agreements have been established. Some OpenNIC recursive servers (Tier 2 servers) are known for their high speeds and low latency, relative to other more widely used DNS recursors, as well as their anonymizing or no-logging policies. Many servers offer DNSCrypt. Tier 2 servers are operated by c ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Domain Name System Security Extensions
The Domain Name System Security Extensions (DNSSEC) are a suite of extension specifications by the Internet Engineering Task Force (IETF) for securing data exchanged in the Domain Name System (DNS) in Internet Protocol (IP) networks. The protocol provides cryptographic authentication of data, authenticated denial of existence, and data integrity, but not availability or confidentiality. Overview The original design of the Domain Name System did not include any security features. It was conceived only as a scalable distributed system. The Domain Name System Security Extensions (DNSSEC) attempt to add security, while maintaining backward compatibility. Request for Comments 3833 documents some of the known threats to the DNS, and their solutions in DNSSEC. DNSSEC was designed to protect applications using DNS from accepting forged or manipulated DNS data, such as that created by DNS cache poisoning. All answers from DNSSEC protected zones are digitally signed. By checking the digit ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ODoH
DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver. By March 2018, Google and the Mozilla Foundation had started testing versions of DNS over HTTPS. In February 2020, Firefox switched to DNS over HTTPS by default for users in the United States. An alternative to DoH is the DNS over TLS (DoT) protocol, a similar standard for encrypting DNS queries, differing only in the methods used for encryption and delivery. Based on privacy and security, whether which protocol is superior is a matter of controversial debate; while others argue the merits of either depend on the specific use case. Technical details DoH is a proposed standard, published as RFC 8484 (October 2018) ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DNS Over HTTPS
DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver. By March 2018, Google and the Mozilla Foundation had started testing versions of DNS over HTTPS. In February 2020, Firefox switched to DNS over HTTPS by default for users in the United States. An alternative to DoH is the DNS over TLS (DoT) protocol, a similar standard for encrypting DNS queries, differing only in the methods used for encryption and delivery. Based on privacy and security, whether which protocol is superior is a matter of controversial debate; while others argue the merits of either depend on the specific use case. Technical details DoH is a proposed standard, published as RFC 8484 (October 2018) ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
HTTPS
Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). The protocol is therefore also referred to as HTTP over TLS, or HTTP over SSL. The principal motivations for HTTPS are authentication of the accessed website, and protection of the privacy and integrity of the exchanged data while in transit. It protects against man-in-the-middle attacks, and the bidirectional encryption of communications between a client and server protects the communications against eavesdropping and tampering. The authentication aspect of HTTPS requires a trusted third party to sign server-side digital certificates. This was historically an expensive operation, which meant fully authenticated HTTPS connections were usually found only ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Well-known Ports
This is a list of TCP and UDP port numbers used by protocols for operation of network applications. The Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) only need one Port (computer networking), port for Duplex (telecommunications), duplex, bidirectional traffic. They usually use port numbers that match the services of the corresponding TCP or UDP implementation, if they exist. The Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers for specific uses. However, many unofficial uses of both well-known and registered port numbers occur in practice. Similarly, many of the official assignments refer to protocols that were never or are no longer in common use. This article lists port numbers and their associated protocols that have experienced significant uptake. Table legend Well-known ports The port numbers in the range from 0 to 1023 (0 to 210 − 1) are the ''well-known ports'' or ''system p ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
