16 KiB
title | icon | description |
DNS-провайдеры | material/dns | These are some encrypted DNS providers we recommend switching to, to replace your ISP's default configuration. |
Encrypted DNS with third-party servers should only be used to get around basic DNS blocking when you can be sure there won't be any consequences. Зашифрованный DNS не поможет вам скрыть какую-либо активность в интернете.
Learn more about DNS :material-arrow-right-drop-circle:{.md-button}
Рекомендованные провайдеры
DNS-провайдер | Политика конфиденциальности | Тип | Протоколы | Логирование | ECS |
AdGuard | :octicons-link-external-24: | Коммерческий | Cleartext DoH DoT DNSCrypt |
Частичное1 | Нет Filter list being used can be found here. :octicons-link-external-24: |
Cloudflare | :octicons-link-external-24: | Коммерческий | Cleartext DoH DoT |
Частичное1 | Нет |
ControlID | :octicons-link-external-24: | Коммерческий | Cleartext DoH DoT |
Частичное1 | Нет |
Mullvad | :octicons-link-external-24: | Коммерческий | DoH DoT |
Частичное1 | Нет Filter list being used can be found here. :octicons-link-external-24: |
NextDNS | :octicons-link-external-24: | Коммерческий | Cleartext DoH DoT DNSCrypt |
Необязательное2 | Нет |
Quad9 | :octicons-link-external-24: | Коммерческий | Some3 | Необязательное2 | Based on server choice, Malware blocking by default. |
Please note we are not affiliated with any of the projects we recommend. In addition to our standard criteria, we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
!!! Для уменьшения этой угрозы рассмотрите возможность самостоятельного хостинга.
We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. Мы учитываем и обсуждаем много факторов, перед тем как рекомендовать какой-то проект, и документирование каждого из них ещё не завершено.
- Поддержка DNSSEC
- QNAME Minimization.
- Allow for ECS to be disabled.
- Prefer anycast support or geo-steering support.
Зашифрованные DNS-прокси
Последние версии iOS, iPadOS, tvOS и macOS поддерживают как DoT, так и DoH. Оба протокола поддерживаются нативно через профили конфигурации или через API настроек DNS.
Устройства Apple
После установки профиля конфигурации или приложения, использующего API настроек DNS, можно выбрать конфигурацию DNS. Если у вас подключен VPN, будут использоваться настройки DNS, заданные вашим VPN-сервисом, а не системные настройки.
Apple не предоставляет нативный интерфейс для создания профилей зашифрованного DNS. Secure DNS profile creator - это неофициальный инструмент для создания собственных профилей зашифрованного DNS, однако они не будут иметь подписи.
Подписанные профили
Apple does not provide a native interface for creating encrypted DNS profiles. Secure DNS profile creator is an unofficial tool for creating your own encrypted DNS profiles, however they will not be signed. Signed profiles are preferred; signing validates a profile's origin and helps to ensure the integrity of the profiles. A green "Verified" label is given to signed configuration profiles. For more information on code signing, see About Code Signing. Signed profiles are offered by AdGuard, NextDNS, and Quad9.
!!! info "Информация"
{ align=right }
**DNSCloak** - это клиент для iOS с открытым исходным кодом, поддерживающий функции [DNS-over-HTTPS](technology/dns.md#dns-over-https-doh), [DNSCrypt](technology/dns.md#dnscrypt) и [dnscrypt-proxy](https://github.com/DNSCrypt/dnscrypt-proxy/wiki), такие как кэширование ответов DNS, локальное логирование запросов DNS и пользовательские списки блокировок. Пользователи могут [добавлять собственные сервера DNS](https://medium.com/privacyguides/adding-custom-dns-over-https-resolvers-to-dnscloak-20ff5845f4b5).
Encrypted DNS Proxies
Encrypted DNS proxy software provides a local proxy for the unencrypted DNS resolver to forward to. Typically it is used on platforms that don't natively support encrypted DNS.
!!! recommendation
{ align=right }
**dnscrypt-proxy** - это DNS-прокси с поддержкой [DNSCrypt](technology/dns.md#dnscrypt), [DNS-over-HTTPS](technology/dns.md#dns-over-https-doh) и [Анонимизированного DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
[Посетить github.com](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .md-button .md-button--primary } [Политика конфиденциальности](https://www.libreoffice.org/about-us/privacy/privacy-policy-en/){ .md-button }
- [:fontawesome-brands-github: Исходный код](https://github.com/DNSCrypt/dnscrypt-proxy) downloads
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=com.celzero.bravedns)
- [:simple-github: GitHub](https://github.com/celzero/rethink-app/releases)
!!! recommendation
{ align=right }
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
!!! warning "The anonymized DNS feature does [**not**](advanced/dns-overview.md#why-shouldnt-i-use-encrypted-dns) anonymize other network traffic."
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/DNSCrypt/dnscrypt-proxy){ .card-link title="Source Code" }
[:octicons-heart-16:](https://opencollective.com/dnscrypt/contribute){ .card-link title=Contribute }
??? downloads
- [:simple-windows11: Windows](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Installation-Windows)
- [:simple-apple: macOS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Installation-macOS)
- [:simple-linux: Linux](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Installation-linux)
Self-hosted Solutions
A self-hosted DNS solution is useful for providing filtering on controlled platforms, such as Smart TVs and other IoT devices, as no client-side software is needed.
!!! recommendation
{ align=right }
**AdGuard Home** is an open-source [DNS-sinkhole](https://wikipedia.org/wiki/DNS_sinkhole) which uses [DNS filtering](https://www.cloudflare.com/learning/access-management/what-is-dns-filtering/) to block unwanted web content, such as advertisements.
AdGuard Home features a polished web interface to view insights and manage blocked content.
[:octicons-home-16: Homepage](https://adguard.com/adguard-home/overview.html){ .md-button .md-button--primary }
[:octicons-eye-16:](https://adguard.com/privacy/home.html){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://github.com/AdguardTeam/AdGuardHome/wiki){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/AdguardTeam/AdGuardHome){ .card-link title="Source Code" }
!!! recommendation
{ align=right }
**Pi-hole** is an open-source [DNS-sinkhole](https://wikipedia.org/wiki/DNS_sinkhole) which uses [DNS filtering](https://www.cloudflare.com/learning/access-management/what-is-dns-filtering/) to block unwanted web content, such as advertisements.
Pi-hole is designed to be hosted on a Raspberry Pi, but it is not limited to such hardware. The software features a friendly web interface to view insights and manage blocked content.
[:octicons-home-16: Homepage](https://pi-hole.net/){ .md-button .md-button--primary }
[:octicons-eye-16:](https://pi-hole.net/privacy/){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://docs.pi-hole.net/){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/pi-hole/pi-hole){ .card-link title="Source Code" }
[:octicons-heart-16:](https://pi-hole.net/donate){ .card-link title=Contribute }
AdGuard хранит показатели производительности их DNS серверов, содержащие в себе количество выполненных запросов к определенному серверу, количество заблокированных запросов и скорость обработки. Они также ведут и хранят базу данных доменов, запрошенных в течение последних 24 часов. "Нам нужна эта информация, чтобы выявлять и блокировать новые трекеры и угрозы." "Также мы храним информацию о том, сколько раз тот или иной трекер был заблокирован. Нам нужна эта информация, чтобы удалять устаревшие правила из наших фильтров." https://adguard.com/en/privacy/dns.html ↩︎
NextDNS can provide insights and logging features on an opt-in basis. You can choose retention times and log storage locations for any logs you choose to keep. If it's not specifically requested, no data is logged. https://nextdns.io/privacy ↩︎
Quad9 collects some data for the purposes of threat monitoring and response. That data may then be remixed and shared, such as for the purpose of security research. Quad9 does not collect or record IP addresses or other data they deem personally identifiable. https://www.quad9.net/privacy/policy/ ↩︎