Hello, I’m limda new to Dns and such, but I would like to set up a connection with a decebt degree of privacy, ad blocking is also nice but it’s a plus.
As of now I’m using Adguard dns which is kinda bad and I was wondering which dns is the best option.
I also would like to know how impactful on privacy are DoT and DoH and which should i use.
Sorry for the somewhat basic question and thank you in advance for the answers
DoH and DoT offer encryption for the DNS query but unless you’re running everything thru a tunnel people will still be able to tell what sites etc you go to.
by people i mean your isp etc
If you want to self host a DNS server on your network or directly on your laptop then take a look at Technitium DNS Server which supports DoT & DoH, has ad blocking, and many other features all with a GUI.
Note that using DoT/DoH will just protect your DNS requests from your ISP but if your ISP does deep packet inspection then they will know the website you visit from the TLS SNI data that is sent when you connect to a HTTPS website.
Oh, that’s a niece piece of advice, thanl you
Here is a quick review on some dns
Dot and quad9 or nextdns but depends on location
Doq is new and nextdns uses as well
So i should pair a DoT with a good VPN for complete privacy, right?
Thanks, do you perhaps have a personalcrecomendation from this list?
Are those better than cloudfare? I would like not to sacrifice too much internet speed (I’m from Europe btw).
Thanks
A VPN just changes who sees all of your traffic. Instead of the ISP now the VPN provider sees it. If you want “complete privacy” do all of your browsing on TOR, never login to any site, change your TOR circuit frequently and disable JavaScript entirely. You’ll probably notice that this makes the Internet not terribly functional or useful so it’s up to you to find a balance between security/privacy and usability, only you can decide where that is.
just use the VPN and route all your traffic through it if you’re THAT worried about your ISP seeing what you’re doing
DoT and DoH are for dns attack mitigation not for privacy
I am currently running Cloudflare, after having used nextdns for awhile, which were quite good, i like their setup, and all the various lists they could add to blocking. Unfortunately, too many sites stopped working and it just became a hassle. I have stopped using dns as the main blocker and just use cloudflare.
So TOR is still the best option, on mobile is terribly slow unfortunately.
Thanks for all the info
I’m more concerned aboit privacy than malware, but i will give them a try, thx
Set your preferred exit node to the Netherlands and blacklist RU and HK and speeds should improve significantly. NL usually has the highest density of high bandwidth exit nodes.