Main Area and Open Discussion > General Software Discussion

DNS logger & firewall for Win32

<< < (2/2)

Ehtyar:
If they're tampering with the actual traffic on port 53, as opposed to just records from their own DNS servers (the impression I got), then you could probably prove it by using DNSSEC (will only work for certain TLDs though, .org is probably easiest).

Ehtyar.

electronixtar:
With your ISP screwing around with the DNS queries wouldn't it be better to run your own DNS server?

eg. Treewalk
-4wd (November 24, 2009, 04:42 PM)
--- End quote ---

It's slow and costs too much memory if you run long enough. Not worth it.
If they're tampering with the actual traffic on port 53, as opposed to just records from their own DNS servers (the impression I got), then you could probably prove it by using DNSSEC (will only work for certain TLDs though, .org is probably easiest).

Ehtyar.
-Ehtyar (November 24, 2009, 06:50 PM)
--- End quote ---

DNSSec is cool, but not all of TLD have it.

Ehtyar:
But purely in order to prove your DNS is being tampered with, it's the perfect solution. BIND is very reasonable with memory, despite what others may say about it...

Ehtyar.

Navigation

[0] Message Index

[*] Previous page