[Updated on 8/12/2020] We migrated from dnsdist to nginx for perfomance.
DNS is one of important types on internet. It translated domain strings to ip address before application established the server. DNS based on udp and tcp protocol.
Traditional DNS problems
With old type of DNS server, user and server have no way to check if the request or response was modified, it’s easy to sniff, modify and see by some nodes when it was routed to.
Encryption for security and privacy
To solve the dns’s problems, dns over tls (DoT), dns over https (DoH) are built in standard of ietf. Dnscrypt was new protocol written by Frank Denis some years ago.
dns.infosec.xyz
We supported 3 types of dns: dns over tls on standard port 853, dns over https on port 443 and normal dns service on port 53.
Because we’re fans of opensource. We would like to open our architecture for trust and privacy.
We built our service on nginx for frontend and dnscrypt-proxy for backend.
Requests from user should be encrypted with DoH or DoT, and our server will make dns request to provider via dnscrypt-proxy.
Users <====> Our DNS server <====> Google/Cloudflare/Quad
We don’t log any dns query except blocked domain in our filter. The filter is published on our main site. We only filter ads/malware and tracking sites.
If you have any problem with your site, ping us on telegram:severusvn or telegram:hoangdoanvss