We have been using secure, public DNS services like OpenDNS for years now instead of our ISP’s DNS for secure and faster web browsing, but, unfortunately, the underlying DNS protocol has not been secure enough. There have been numerous examples of man-in-the-middle attacks, and snooping of DNS traffic. In order to tackle this issue OpenDNS has introduced a new solution called DNSCrypt.
DNSCrypt is a lightweight software and works by encrypting all DNS traffic between the user and OpenDNS, preventing any spying, spoofing or man-in-the-middle attacks.
“In the same way the SSL turns HTTP web traffic into HTTPS encrypted Web traffic, DNSCrypt turns regular DNS traffic into encrypted DNS traffic that is secure from eavesdropping and man-in-the-middle attacks”.
It is true that the internet poses some very real security threats to computer users, even if they have protected their computer with good security solution. That means we need to build a few defenses ourselves, rather than completely rely on a single security solution to do this. I am sure OpenDNS’s DNSCrypt can do something good on this issue.
DNSCrypt currently available for Mac users only. Interested users can get more details and download at source here.