Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is why it’s better to use AdGuard only for its DNS blocking capability and not for DNS resolving - use a real resolver like unbound https://en.wikipedia.org/wiki/Unbound_(DNS_server)




I would advise against using unbound on the client side as this way all your DNS queries will be unencrypted and visible to your ISP. Besides that, the DNS responses can be modified, this kind of censorship is very popular and used in many countries.

IMO it is safer to use a big popular DNS recursor (google, cloudflare, adguard, quad9, etc), use DoT/DoH/DoQ and maybe add some additional filtering on top of it.

reply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: