Main functions
Public DNS server, as the default DNS resolution server of the system, has no ads, can prevent DNS hijacking to a certain extent, and does not need to be changed due to changes in the Internet environment, etc. Advantages, however, using public DNS may also have risks such as slow system response, hijacking, and privacy issues.
System Vulnerabilities
Possible risks of public DNS:
First, although public DNS has a certain role in preventing DNS hijacking, but with The "wall" upgrade, this effect is already very weak-whether you are using the ISP's default DNS, or using a foreign public DNS server, the result of resolving domain names such as twitter.com Will be polluted by DNS. In terms of effects, it is not as good as Firefox's remote DNS resolution.
Secondly, long response time. Most of the widely used public DNS are located overseas, and the network delay is relatively large. In addition, our country has limited bandwidth when going abroad. Some students still like to play DDOS. Do you think the resolution speed can be faster?
Third, resulting in slower web browsing. Many websites use smart DNS or CDN technology to optimize website access, and the principle of smart DNS is to return a (group) optimal server IP address to the user by judging the ownership of the DNS server (the same is true for CDN). Once the public DNS is used, users cannot obtain the optimal IP address, and may even cause a huge slowdown in browsing speed. Take the widely used GooglePublicDNS as an example. If the user is located in the country, through the resolution of some domain names accelerated by CDN, the IP address of the United States or Japan will be obtained. In fact, it is the best that DNS returns the domestic IP. In this way, the effect of CDN is greatly reduced.
Fourth, privacy issues. Many domestic users choose to use public DNS servers (especially foreign ones) because they are worried about personal privacy leakage (some people are unwilling to "contribute" their privacy to the country). In fact, this is completely unnecessary. After all, the DNS of domestic ISPs The server is not accessible to anyone who wants to. Taking a step back, do you think you don’t know if you don’t take the initiative to "contribute" your privacy to the country? Don’t forget who owns the router and who owns the wall.
Fifth, national security issues. In combination with the above, once the user data is obtained, by analyzing and sorting out the data, it is easy to get information about the user’s favorite preferences, frequently visited sites, etc., to prepare for the next step of cyber psychological warfare, and also for the future network The war gained a key target.
Important Cases
Baidu Public DNS
On December 7, 2014, Baidu launched its public DNS service. According to officials, Baidu's public DNS service has improved on the existing DNS service architecture to provide a more efficient, stable and secure DNS service. This service is still in the beta version.
According to the official introduction, Baidu’s public DNS service has features such as cloud protection, no hijacking, and more accuracy. The details are as follows:
Cloud protection, since then, there will be no trouble on the Internet:
Viruses, Trojan horses, and phishing websites are blocked by one network, and Baidu Cloud Protection guards your access security in real time;
No hijacking, no hindrance to the Internet from now on:
No malicious redirection, no Compulsory advertising, Baidu public DNS makes every visit unimpeded;
More accurate, and worry-free surfing from now on:
CDN network all over the country, intelligent analysis, all efforts Just to make the positioning more precise and make your every visit more efficient.
IPv6 public DNS
With the increase in the number of Internet access devices, the original IPv4 system can no longer meet the demand, and the IPv6 protocol has begun to spread globally. The National Engineering Center of Next Generation Internet officially announced the launch of IPv6 public DNS (240c::6666). By providing free public DNS services with excellent performance, we will create a safe, stable, high-speed, and intelligent Internet experience for users, and help the full implementation of the Action Plan for Promoting Large-scale Deployment of Internet Protocol Version 6 (IPv6).
This content was obtained from 41021653 without permission