Jump to content
Not connected, Your IP: 18.206.13.39

Search the Community

Showing results for tags 'dnssec'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • AirVPN
    • News and Announcement
    • How-To
    • Frequently asked questions
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • Reviews
    • Other VPN competitors or features
    • Nonprofit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP
    • Mirrors

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Twitter


Mastodon


AIM


MSN


ICQ


Yahoo


XMPP / Jabber


Skype


Location


Interests

Found 3 results

  1. Hey, I got this since a while now. Sometimes I try to resolve airvpn.org it fails. After some trys or minutes it works fine. I use a Pi-Hole as DNS Server running a local unbound (127.0.0.1) and as said I only got issues with this domain here.. real strange. Luckily today I was able to grab some logs, maybe someone can read them and tell me if the dnssec-query request tell something useful ? Jan 4 19:19:07 dnsmasq[31678]: query[PTR] 44.1.168.192.in-addr.arpa from 192.168.1.15 Jan 4 19:19:07 dnsmasq[31678]: /etc/pihole/local.list 192.168.1.44 is pi-hole Jan 4 19:19:07 dnsmasq[31678]: query[A] airvpn.org.localdomain from 192.168.1.15 Jan 4 19:19:07 dnsmasq[31678]: cached airvpn.org.localdomain is NXDOMAIN Jan 4 19:19:07 dnsmasq[31678]: query[AAAA] airvpn.org.localdomain from 192.168.1.15 Jan 4 19:19:07 dnsmasq[31678]: cached airvpn.org.localdomain is NXDOMAIN Jan 4 19:19:07 dnsmasq[31678]: query[A] airvpn.org from 192.168.1.15 Jan 4 19:19:07 dnsmasq[31678]: forwarded airvpn.org to 127.0.0.1 Jan 4 19:19:09 dnsmasq[31678]: query[AAAA] airvpn.org from 192.168.1.15 Jan 4 19:19:09 dnsmasq[31678]: forwarded airvpn.org to 127.0.0.1 Jan 4 19:19:16 dnsmasq[31678]: dnssec-query[DS] airvpn.org to 127.0.0.1 Jan 4 19:19:16 dnsmasq[31678]: dnssec-query[DS] airvpn.org to 127.0.0.1 Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is DS keytag 55882, algo 8, digest 1 Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is DS keytag 57919, algo 8, digest 1 Jan 4 19:19:16 dnsmasq[31678]: dnssec-query[DNSKEY] airvpn.org to 127.0.0.1 Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is DS keytag 55882, algo 8, digest 1 Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is DS keytag 57919, algo 8, digest 1 Jan 4 19:19:16 dnsmasq[31678]: dnssec-query[DNSKEY] airvpn.org to 127.0.0.1 Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 57919, algo 8 Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 55882, algo 8 Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 59298, algo 8 Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 38193, algo 8 Jan 4 19:19:16 dnsmasq[31678]: validation result is SECURE Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is 5.196.64.52 Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 57919, algo 8 Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 55882, algo 8 Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 59298, algo 8 Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is DNSKEY keytag 38193, algo 8 Jan 4 19:19:16 dnsmasq[31678]: validation result is SECURE Jan 4 19:19:16 dnsmasq[31678]: reply airvpn.org is 2001:41d0:a:6034:: Please note that I was running a nslookup airvpn.org here and at the end it was working. Same command 2 minutes earlier failed. So till 19:19:07 I had a DNS timeout when querying airvpn.org and on 19:19:16 it started to work just fine Any help is much appreciated.
  2. Does Airvpn consider having to implement dnssec on the current dns resolver servers which running the vpn? It will be a plus for all VPN users otherwise all our dns queries will still leak and prone to Man In Middle Attack to sniff our traffic. At the same time this help to minimize dns attacks on the VPN users. Informative links https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions https://www.dnssec-tools.org/wiki/index.php/Main_Page Software required (Dnscrypt) https://www.dnscrypt.org/ Verify DNSSec has enabled http://dnssectest.sidnlabs.nl/ https://www.dnssec-tools.org/ http://dnssec.vs.uni-due.de/
  3. DANE (DNS-based Authentication of Named Entities) is one more attempt to replace the reliance of web browsers on Certificate Authorities. DANE leverages the downsides of security in TLS, allows to specify which CA is allowed to issue certificates for a certain resource and to certify the keys used in the domain's TLS servers by storing their fingerprints in the DNS record. For this the DNS record must be signed with DNSSEC. I request opinions and thoughts on the implementation of DANE for the AirVPN website.the consideration of implementing this feature in the future.AirVPN could be the first VPN service wordwide to offer this security feature (as far as my information is correct). Like Posteo who is the first mail provider in Germany who implemented it - and maybe worldwide.
×
×
  • Create New...