As the whole world is slowly but, gradually adopting and implementing DNSSec, OpenDNS has decided to introduce their solution to secure the user-side of DNS (Domain Name System) along with preview version of DNS encryption tool.
DNS protocol uses plain text as a means of communication between a user and the DNS server. Because of this reason, the DNS traffic is prone to a multitude of attacks and puts privacy of users at risk writes David Ulevitch, Founder/CEO in a blog post.
Dubbed DNSCrypt, the tool encrypts all DNS traffic originating from a client’s system thereby providing security at the last mile, which otherwise is prone to various attacks such as man-in-the-middle attacks, DNS snooping, DNS hijacking, etc. The tool only works with Mac systems as of now.
OpenDNS has revealed that they are not at all intending to replace DNSSec. The DNSSec allows authentication of DNS record which are returned to the user.
DNSCrypt doesn’t force any change to the existing architecture of the Internet. The DNS traffic is encrypted the same way SSL turns HTTP traffic to HTTPS.
DNSCrypt can be downloaded from here.Leave a comment on this article