DNS requests are one of the elements that most often spy on third-party applications and services. Every time we visit a website, before connecting directly to it, a request is sent to the DNS to resolve the domain and obtain the IP to which to connect. A cyber security expert told us that these connections are usually not encrypted, so both hackers and third parties can track and know what websites we visit. Luckily, there are tools to encrypt these connections, such as Simple DNSCrypt.
Simple DNSCrypt is a free and open source application for Windows that allows us to encrypt these connections and protect our privacy.
In order to use this application, according to a data security professional, the first thing we have to do is download the latest version from its GitHub page. Once downloaded, the first thing we will see will be the main window of the program, which will be divided into 4 categories:
Main Menu – List with all options and settings.
Resolvers – List with the main DNS servers and their corresponding configurations.
Advanced Settings – Additional options for advanced users.
Registration – A record of program operation, although it is disabled by default.
To start encrypting our traffic, we must activate the DNSCrypt Service from the switch and choose the network card through which we want to encrypt the DNS traffic of our computer.
After these two simple steps, our DNS traffic will already be encrypted so that nobody can intercept it, collect it or impersonate it to make us go to malicious websites.
With this we would have the program running and protecting our DNS traffic. However, Simple DNSCrypt also has other options that allow us to better protect our traffic, for example, choose the servers, DNS we want to use, or a series of advanced options that allow us to activate the DNS cache, block IPv6 requests or force the use of the TCP protocol in requests to the DNS server.
Cyber security researchers don’t recommend it but in case you want to stop using this program, you just have to deactivate the service, from the button, the DNS requests will be sent back to the Internet in the classic way.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.