Discuss mailing list

[Jeff Taylor <shdwdrgn AT sourpuss.net>]

I don't think we have an actual list going, but if you check the wiki
page with the list of T2 servers, some have notes saying they support
5353.  As for T1's, I think I mis-spoke.  I can set mine up to listen on
5353, but I'm not 100% certain if it will respond to zone transfers on
that port.  I guess we can try...


On 01/08/2013 10:24 AM, Waqas Ashraf wrote:
> Could you give me list or tell me how I can determine which t1 uses 5353 
> port ? And I was wondering if VPN might work as well Simon suggested using 
> tor but with tor I get hit on speed and ping hit 
>
> Sent from my iPhone
>
> On Jan 8, 2013, at 10:56 AM, Jeff Taylor <shdwdrgn AT sourpuss.net> wrote:
>
>> If you want to be a little less obvious about your DNS traffic, there
>> are a few T1 and T2 servers which also respond on port 5353 in order to
>> assist those who have ISP's which intercept their dns queries.  This is
>> still plaintext packets, so deep packet inspection would still detect
>> your queries, but so far we have not seen that be a problem for anyone.
>>
>>
>> On 01/08/2013 04:21 AM, Simon wrote:
>>> On 01/08/13 11:17, Waqas Ashraf wrote:
>>>> Reason I had asked that if I can check to see if I'm only going through 
>>>> opennic root servers rather then ICANN is because I was thinking about 
>>>> all the filtering that happens on ISP side of anything you search where 
>>>> they might deem something not safe for you and decide for you you don't 
>>>> need to know. So I was wondering if I could entirely bypass their root 
>>>> zone complete and go through only OPennic. I don't if it make sense to 
>>>> anyone maybe I should think more on it and rewrite what I'm trying to 
>>>> say.
>>> Now you're running your own server, you're not going through your ISPs
>>> nameservers but your DNS transactions are still traversing their network
>>> in the clear so it's theoretically possible that they could snoop on
>>> your DNS requests.
>>>
>>> You are, however, going through the ICANN servers to resolve ICANN
>>> domains only. For Opennic domains (e.g. .geek, .free etc) you are using
>>> the Opennic servers.
>>>
>>> If your DNS packets being in the clear is a problem for you then you
>>> need to consider using an encrypted connection over which to make your
>>> DNS requests or using something like TOR.
>>>
>>>
>>> HTH
>>>
>>> Simon
>>>
>>>
>>>
>>>
>>>
>>> --------
>>> You are a member of the OpenNIC Discuss list. 
>>> You may unsubscribe by emailing 
>>> discuss-unsubscribe AT lists.opennicproject.org
>>
>>
>> --------
>> You are a member of the OpenNIC Discuss list. 
>> You may unsubscribe by emailing 
>> discuss-unsubscribe AT lists.opennicproject.org
>
> --------
> You are a member of the OpenNIC Discuss list. 
> You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org