Microsoft was released today a new version of Windows 10 in the Windows Insider Dev channel. The new build brings several improvements and settings for encrypted DNS.
The DNS-over-HTTPS is a relatively new security feature that aims to protect DNS traffic from third parties. Encrypts DNS traffic using the HTTPS protocol. For those who do not know DNS is used to "translate" domain names (iguru.gr), to numeric IP addresses.
Unencrypted DNS traffic allows the network provider, e.g. the ISP and other third parties accessing the same network, να ελέγξουν ποιες σελίδες επισκέπτεστε. Επιπλέον είναι δυνατό για τους ISP να αλλάξουν αιτήματα, π.χ. αποκλείοντας τα ή ανακατευθύνοντάς τα (όπως είδαμε με το ban του Subs4free).
Microsoft announced some time ago that the operating system of Windows will support encrypted DNS. Browser developers (Mozilla ή Google) have added functionality support to their programs.
New version of Windows 10, however, brings DNS-over-HTTPS support to the operating system's Settings for ethernet and Wi-Fi connections.
For ethernet:
Follow the path Settings - Network & Internet - Status.
Click Properties.
Select Edit IP or Edit DNS Server (Edit IP assignment or Edit DNS server assignment).
For Wi-Fi:
Follow the path Settings - Network & Internet - Wi-Fi.
Click Properties.
Select Edit IP or Edit DNS Server (Edit IP assignment or Edit DNS server assignment).
The current version only recognizes some DNS-over-HTTPS providers by defaultchoice, namely Cloudflare, Google and Quad9.
Select the DNS you want from the following table:
Server Owner | Server IP addresses |
Cloudflare | 1.1.1.11.0.0.1
2606: 4700: 4700 :: 1111 2606: 4700: 4700 :: 1001 |
8.8.8.88.8.4.4
2001: 4860: 4860 :: 8888 2001: 4860: 4860 :: 8844 |
|
Quad9 | 9.9.9.9149.112.112.112
2620: fe :: fe 2620: fe :: fe: 9 |
Πληκτρολογήστε ή επικολλήστε μια address IP στη σελίδα και μετά επιλέξτε μία από τις διαθέσιμες επιλογές κρυπτογράφησης DNS.
The options are:
No encryption.
Encrypted only (DNS-over-HTTPS).
Priority encryption, allowed and unencrypted connection.
Confirm your choice and check if it works by looking at the DNS servers in the network properties. They must show (encrypted).
Microsoft states that Windows 10 administrators may also try custom DNS-over-HTTPS servers, but this requires the following netsh command: