Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
DNS over HTTP (github.com/bii-lab)
35 points by ehPReth on May 17, 2015 | hide | past | favorite | 9 comments


This would be useful in Indonesia:

http://jakarta.coconuts.co/2015/05/08/national-internet-dns-...

tl;dr - their approach to censorship is to implement a national DNS server (yes, single point of failure, and yes it goes down a lot) and block outgoing DNS packets.


Some ISPs also use transparent proxies, so unless they use HTTPS for everything, using an alternate DNS server won't help them much (except maybe for the reliability part).


I wonder how they're going to block the packets - are they just blocking Port 53, sniffing, or using some mandatory proxy for the root hosts.


Cool :) The other way around also exists: Iodine [1] does IP-over-DNS. Very useful for some commercial access points which usually don't filter DNS but redirect HTTP to a landing page.

[1] http://code.kryo.se/iodine/


Awesome.

I made something similar, albeit simpler, to help check for DNS servers that are lying to you.

https://github.com/dicato/webdns

It's deployed on heroku for anyone to use. Just make GET requests to a URI of the domain you are interested in:

https://webdns.herokuapp.com/hackernews.com


This is neat. An alternative would be to use a SOCKS 5 proxy, it can also do the DNS resolution for the client.


There is also this for tunneling arbitrary data [original website is down]: https://www.archlinux.org/packages/community/x86_64/httptunn...


Cool when using TLS!


This should be combined with DNSCrypt, great concept!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: