Xentrk Posted January 26, 2019 Share Posted January 26, 2019 (edited) The Problem - Your DNS Queries are not private! The primary issue with DNS queries is they are sent in clear text, which means passive eavesdroppers can observe all the DNS lookups performed. Your Internet Service Provider (ISP) can log what sites you visit and sell your browsing history to advertisers or government agencies. Please refer to https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+-+The+Problem for a complete list of issues with the current state of DNS. Stubby to the RescueStubby is an application that acts as a local DNS Privacy stub resolver using DNS-over-TLS. Stubby encrypts DNS queries sent from a client machine to a DNS Privacy resolver increasing end user privacy. Since Stubby is in the early stages of development, it may not be suitable for non-technical users. To assist users to implement Stubby, I wrote a Stubby installer script to make the process easier. The install script defaults to Cloudflare (1.1.1.1) DNS-over-TLS on port 853. You can change to other supported public or test resolvers by updating the Stubby configuration file located in /opt/etc/stubby/stubby.yml. All Asus models supported by Asuswrt-Merlin are supported by this script. To date, I have received confirmation that it works on the following models: RT-AC66U_B1 RT-AC68U RT-AC87U RT-AC88U RT-AC3100 RT-AC3200 RT-AC5300 RT-AC86U RT-AX88U GT-AC5300 For information on Stubby, including how to install and validate, visit the Stubby-Installer-Asuswrt-Merlin GitHub Repository. For information on how the settings were derived at, see my blog post DNS over TLS with DNSMASQ and Stubby on Asuswrt-Merlin. Support Forum Please post questions on the support forum at https://www.snbforums.com/threads/stubby-installer-asuswrt-merlin.49469/ Installation Using your preferred SSH client/terminal, copy and paste the following command, then press Enter: Code: /usr/sbin/curl --retry 3 "https://raw.githubusercontent.com/Xentrk/Stubby-Installer-Asuswrt-Merlin/master/install_stubby.sh" -o "/jffs/scripts/install_stubby.sh" && chmod 755 /jffs/scripts/install_stubby.sh && sh /jffs/scripts/install_stubby.sh Then, select the install option from the menu. You may also install Stubby using amtm - the SNBForum Asuswrt-Merlin Terminal Menu Edited January 26, 2019 by Xentrk grammar 1 Link to comment Share on other sites More sharing options...
Xentrk Posted February 3, 2019 Author Share Posted February 3, 2019 There is another option for those of you who don't have an Asus router running Asuswrt-Merlin firmware. Cloudflare recently introduced apps in the iOS and Android stores that you can install on your mobile devices See https://1.1.1.1/?utm_medium=website&utm_source=hmc&utm_campaign=resolver-mobile-app-launch Similarly, you can configure DNS-over-DOT if you use a Firefox browser. See https://www.internetsociety.org/blog/2018/12/dns-privacy-support-in-mozilla-firefox/ for the instructions. 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now