Guide To DNSCrypt

[sudoku]

DNSCrypt

 

A protocol for securing communications between a client and a DNS resolver.

 

Description

dnscrypt-proxy provides local service which can be used directly as your local resolver or as a DNS forwarder, encrypting and authenticating requests using the DNSCrypt protocol and passing them to an upstream server.

The DNSCrypt protocol uses high-speed high-security elliptic-curve cryptography and is very similar to DNSCurve, but focuses on securing communications between a client and its first-level resolver.
While not providing end-to-end security, it protects the local network, which is often the weakest point of the chain, against man-in-the-middle attacks. It also provides some confidentiality to DNS queries.

List of free, DNSCrypt-enabled resolvers

To get started, you can use any of the public DNS resolvers supporting DNSCrypt .

If you want to add DNSCrypt support to your own public or private resolver, check out DNSCrypt-Wrapper, a server-side dnscrypt proxy that works with any name resolver.

Installation: Windows

1. Download the win zip file from here http://download.dnscrypt.org/dnscrypt-proxy/

2. Extract it to  C drive .

3. Open up a elevated cmd / Terminal. Click on start and type cmd and press ctrl+shift+enter.

4. Go to DNSCrypt directory in cmd / terminal.

 

 cd C:\dnscrypt-proxy-win64\

5. Now we will install proxy server and we had to choose dns server. we can choose any dns from file dnscrypt-resolvers.csv which is included in download. This list mainly support DNSCypt.it has a name, description, location, and whether they support things like DNSSEC and Namecoin. It also has the necessary IP addresses and public keys. .

we had chosen " okturtles". There is a resolver list with file name dnscrypt-resolvers.csv, you can choose any resolver of your choice.

 

If all goes well, you will get an output similar to this:

[NOTICE] Starting dnscrypt-proxy 1.6.0
[INFO] Initializing libsodium for optimal performance
[INFO] Generating a new key pair
[INFO] Done
[INFO] Server certificate #808464433 received
[INFO] This certificate looks valid
[INFO] Server key fingerprint is 3730:AAB4:B7FD:40F6:3C42:
B12C:60DF:B615:8392:B6AF:9AA4:4CFD:C282:0BAC:E68E:2624

6. Time to install

 

dnscrypt-proxy.exe --resolver-name=okturtles --resolvers-list="C:\dnscrypt-proxy-win64\dnscrypt-resolvers.csv" --install

You should see this output.

 

[INFO] The dnscrypt-proxy service has been installed and started
[INFO] The registry key used for this service is SYSTEM\Current ControlSet\Services\dnscrypt-proxy\Parameters
[INFO] Now, change your resolver settings to 127.0.0.1:53

 

7. Change your dns setting in network connections to 127.0.0.1.

 

Source: For linux, freebsd etc please follow the tutorial of dnscrypt which can be found here http://dnscrypt.org/.

 

8. To remove use this command while the directory is selected at step 4

 

.\dnscrypt-proxy --uninstall

Benefits of DNSCrypt:

Easy to set up and it’s free.
Encryption of web traffic: Phishing protection.
Speed up your Internet experience.
Unblock Government blocked websites