dns2socks adguard unbound Knot privacy DnsJumper dot dnsdist namebench dnsleaktest DNSBench ipcipher OpenNIC dnsmasq DNS-proxy dnsperf-tcp wireguard DNS-Resolvers DNSCrypt DNSSEC DNS-Privacy Acrylic DNS-over-HTTPS Stubby
nlnetlabs.nl
Unbound or Knot
github.com
A validating, recursive, caching DNS resolvers (DoT)
knot-resolver.cz
github.com
github.com
dnsprivacy.org
Stubby
DNS queries are sent to resolvers over an encrypted TLS connection providing increased privacy
dnsprivacy.org
dnsprivacy.org
dnsprivacy.org
wiki.archlinux.org
dnscrypt.info
DNScrypt
Modern encrypted DNS protocols such as DNSCrypt v2, DNS-over-HTTPS, Anonymized DNSCrypt and oDoH (Oblivious DoH)
github.com
github.com
github.com
github.com
sourceforge.net
Acrylic is a local DNS proxy for Windows which improves the performance of your computer by caching the responses coming from your DNS servers and helps you fight unwanted ads through the use of a custom HOSTS file (optimized for handling hundreds of thousands of domain names) with support for wildcards and regular expressions.
DNSSEC allows a resolver to verify the records received from authoritative servers.
DNSCrypt allows a client to verify the records received from a resolver.
DNSSEC is the industry "standard", ironically, find me where its in wide use.DNSCrypt is in use with opendns and many other dns services.DNSCrypt has the ability to stop MITM DNS HIJACKING, SPOOFING, ETC, whereas DNSSEC will not. However DNSSEC is supposed to be what the "industry" has adopted (yeah like IPV6 LOL). It provides a chain of trust that the answer you get should be authentic, but truthfully cannot prevent or stop MITM they way DNSCrypt can.Your best bet is to use DNSCrypt, DNSSEC, and UNBOUND together.I think OPENDNS has a really good explanation
opendns.com
sourceforge.net
What is Nebulo ?
When navigating to a website known by it's name, say example.com, your device ask specific servers — DNS servers — how to address the website. DNS is an old protocol which, except for smaller changes, hasn't been touched since its creation in 1987. Naturally the Internet changed a lot in this time, rendering the protocol outdated in some of its core aspects.
This app tackles one of the bigger problems with DNS: Encryption.
Whilst nearly all traffic on the Internet is encrypted now, DNS requests (i.e. questions for a names address) and the response aren't. This enables attackers to intercept, read and modify your requests.
Nebulo is a DNS changer which implements DNS-over-HTTPs and DNS-over-TLS to safely send your DNS requests to the target server. This way only you and the DNS server are able to read the requests you are sending.
Core features:
Configure the app once and then forget about it. After initial configuration it works fully autonomous
No ads and no tracking
Custom servers can be used
Low battery consumption
This app is open source. The source code can be accessed from within the app.
RethinkDNS
An OpenSnitch-inspired firewall and network monitor + a pi-hole-inspired DNS over HTTPS client with blocklists.
github.com — DNS Benchmark
report.opennicproject.org
dnsleaktest.com
cmdns.dev.dns-oarc.net
monitor.dnsprivacy.org
github.com
github.com
Quad9 is a global public recursive DNS resolver which aims to protect users from malware and phishing.
quad9.net
dnsprivacy.org