[122409] in North American Network Operators' Group
Re: dns interceptors
daemon@ATHENA.MIT.EDU (Jason Frisvold)
Sun Feb 14 12:54:22 2010
From: Jason Frisvold <xenophage0@gmail.com>
In-Reply-To: <25869BF9-2879-46F0-9D67-38AEC742A40B@ianai.net>
Date: Sun, 14 Feb 2010 12:53:52 -0500
To: "Patrick W. Gilmore" <patrick@ianai.net>
Cc: North American Network Operators Group <nanog@merit.edu>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Feb 14, 2010, at 12:42 PM, Patrick W. Gilmore wrote:
> How does that help? It still sends port 53 requests to the =
authorities, which will be intercepted.
Hrm.. Maybe I misunderstood. Are the packets being intercepted, or is =
the problem the local resolvers?
Well, in either case, another option would be to use something like =
openvpn, cisco vpn, etc. with very limited routes. Set it up so only =
your dns traffic is sent over the tunnel. Then you can still use the =
local network, crappy as it may be, without having to deal with the =
added overhead of ssh and the like.
> --=20
> TTFN,
> patrick
--=20
Jason 'XenoPhage' Frisvold
XenoPhage0@gmail.com
http://blog.godshell.com
