Using google dns / open dns question

[toolbox331]

Hi, is it a good idea to use a different dns from the the isp. Say the isp is tracking what you download etc will changing the dns do any good?

[gray-fox]

Say the isp is tracking what you download etc will changing the dns do any good?

No, changing DNS won't hide your network traffic from your ISP if that's what you mean.

[d4rkcat]

Yes. Your ISP's DNS will likely be magnitudes slower than an external one, because they have to track everything you do on it and instead of going directly to the DNS server, the request has to go through your router aswell.
Here are some good choices, don't use google, that's silly if you are trying to avoid spying.:

Code: [Select]

IP                       Filtered    Provider                          Country
===========================================
85.214.73.63 no FoeBuD e.V. Germany
87.118.100.175 no German Privacy Foundation e.V. Germany
94.75.228.29 no German Privacy Foundation e.V. Germany
85.25.251.254 no German Privacy Foundation e.V. Germany
62.141.58.13 no German Privacy Foundation e.V. Germany
213.73.91.35 no Chaos Computer Club Berlin Germany
212.82.225.7 no ClaraNet Germany
212.82.226.212 no ClaraNet Germany
208.67.222.222 only malicious OpenDNS USA
208.67.220.220 only malicious OpenDNS USA
58.6.115.42 no OpenNIC Australia
58.6.115.43 no OpenNIC Australia
119.31.230.42 no OpenNIC Australia
200.252.98.162 no OpenNIC Brazil
217.79.186.148 no OpenNIC Germany
81.89.98.6 no OpenNIC Germany
78.159.101.37 no OpenNIC Germany
203.167.220.153 no OpenNIC New Zealand
82.229.244.191 no OpenNIC France
82.229.244.191 no OpenNIC Czechia
216.87.84.211 no OpenNIC USA
2001:470:8388:2:20e:2eff:fe63:d4a9 no OpenNIC USA
2001:470:1f07:38b::1 no OpenNIC USA
66.244.95.20 no OpenNIC USA
2001:470:1f10:c6::2 no OpenNIC USA
207.192.69.155 no OpenNIC USA
72.14.189.120 no OpenNIC USA
156.154.70.1 only malicious DNS Advantage USA
156.154.71.1 only malicious DNS Advantage USA
156.154.70.22 only malicious Comodo Secure DNS USA
156.154.71.22 only malicious Comodo Secure DNS USA
194.145.226.26 no PowerNS Germany
77.220.232.44 no PowerNS Germany
78.46.89.147 no ValiDOM Germany
88.198.75.145 no ValiDOM Germany
216.129.251.13 no JSC Marketing USA
66.109.128.213 no JSC Marketing USA
171.70.168.183 no Cisco Systems USA
171.69.2.133 no Cisco Systems USA
128.107.241.185 no Cisco Systems USA
64.102.255.44 no Cisco Systems USA
85.25.149.144 no Freie Unzensierte Nameserver Germany
87.106.37.196 no Freie Unzensierte Nameserver Germany
209.59.210.167 no Christoph Hochstätter USA
85.214.117.11 no Christoph Hochstätter Germany
83.243.5.253 2a01:198:16::5253 no private Germany
88.198.130.211 no private Germany
92.241.164.86 no private (i-root.cesidio.net, cesidio root included) Russia
85.10.211.244 no private Germany

Also as grey-fox said, changing DNS is not sufficient to hide traffic from your ISP, that requires changing your DNS and using a VPN with remote DNS lookups.

[proxx]

Hi, is it a good idea to use a different dns from the the isp. Say the isp is tracking what you download etc will changing the dns do any good?

If you use regular DNS traffic it will pass over their equipment in the clear since DNS by default is not encrypted.
So no.

On the other hand, say they are profiling users by DNS queries it will prevent it to some extend but it is not really worth it.
You could also cache DNS yourself which boosts speed but doesnt have much to do with this discussion.

[frog]

I use proxychains and tor to maintain privacy. The only limitation is that proxychains only works with command line applications. However, proxychains will let you change the dns resolver settings so you can proxy your application traffic and your dns requests as well. My /usr/lib/proxychains3/proxyresolv has these DNS servers in it.

Code: [Select]

#DNS_SERVER=208.67.222.222 # openDNS
#DNS_SERVER=208.67.220.220 # openDNS(secondary)
#DNS_SERVER=209.244.0.3 # Level3
#DNS_SERVER=209.244.0.4 # Level3(secondary)
#DNS_SERVER=8.26.56.26 # Comodo Secure DNS
#DNS_SERVER=8.20.247.20 # Comodo Secure DNS(secondary)
#DNS_SERVER=37.235.1.174 # FreeDNS
#DNS_SERVER=37.235.1.177 # FreeDNS(secondary)

Proxychains can only use one dns server at a time. When it comes to network scanning(nmap version scans will crash proxychains every once and awhile with a SIGSEGV) I use the proxychains/tor setup as it allows me to interact with remote systems and maintain a private network identity.

If i'm using my web browser, I set firefox to use tor as a socks proxy. Firefox also has dns settings in about:config such as 'network.dns.disableprefetch=true' and 'network.proxy.remote_dns=true' which will force firefox to use your proxy for dns requests/responses. This works well and it's easy to set up. To change which dns server firefox uses, just modify your network interface's dns settings. Firefox will push the request through tor to the specified dns server.

[Axon]

Interesting discussion, never knew your dns can reveal some valuable information about you. I usually do mac spoofing along with referrer control extension and user agent extension to hide my tracks . I rarely use vpn, since public vpns aren't as safe as people might think.

[proxx]

Whats the point of the mac spoofing?? the only people that can see your mac address are on the physical network segment you are on. devices/people outside of that network segment will never receive your MAC address. by the time your packet leaves your home router for example, your ISP's exchange will only ever see your routers mac, for example.

mac spoofing may only apply when using public networks where you don't want to be tracked, but even then, there aint a whole lot of shit they can track you with, and they can only track you while you are on their physical network. so i get changing your mac every time you connect to a public networks, but beyond that its a waste of time really.

Agreed, depending on where you are located in a 'hostile' env it makes sense.

[Axon]

Whats the point of the mac spoofing?? the only people that can see your mac address are on the physical network segment you are on. devices/people outside of that network segment will never receive your MAC address. by the time your packet leaves your home router for example, your ISP's exchange will only ever see your routers mac, for example.

mac spoofing may only apply when using public networks where you don't want to be tracked, but even then, there aint a whole lot of shit they can track you with, and they can only track you while you are on their physical network. so i get changing your mac every time you connect to a public networks, but beyond that its a waste of time really.

Will the mac address of your router be of significance to the ISP? Obviously, I have to re-examine my anonymity habits after this threads, it turns out I have shit.  

[proxx]

Will the mac address of your router be of significance to the ISP? Obviously, I have to re-examine my anonymity habits after this threads, it turns out I have shit.

Well they will know the MAC of the modem because most likely they deployed it
For DSL it does not really matter which MAC for most ISP , on DOCIS there is often MAC ACL  in place.
As for fiber I am not so sure , all I know is that it works basically the same as DSL when it comes to auth.