Looking for freeware DNS server

[Rob Kelk]

My ISP's DNS servers have become very unreliable lately (today, they
couldn't even find www.google.com). I'd like to run something locally
on my Win2k box that can collect the IP addresses I use most often and
keep them in local storage, and act as a DNS server for sites that it
doesn't already know. I didn't see any DNS servers at all listed on
pricelesswarehome. Does anything like this exist?

Also (and OT), does anyone have any suggestions for a free secondary DNS
server that I can use instead of the nearly-broken one at my ISP?

 

[ObiWan]

My ISP's DNS servers have become very unreliable lately (today, they
couldn't even find www.google.com). I'd like to run something locally
on my Win2k box that can collect the IP addresses I use most often and
keep them in local storage, and act as a DNS server for sites that it
doesn't already know. I didn't see any DNS servers at all listed on
pricelesswarehome. Does anything like this exist?

Look at my signature


Regards

--

* ObiWan

DNS "fail-safe" for Windows 2000 and 9X
http://www.ntcanuck.com

408 XP/2000 tweaks and tips
http://www.ntcanuck.com/tq/Tip_Quarry.htm

 

[Rob Kelk]

Look at my signature

Thanks. (tries following link) Got a dotted-quad for that site, by any
chance?

 

[Rob Kelk]

Thanks. (tries following link) Got a dotted-quad for that site, by any
chance?

Never mind - my ISP's DNS finally found your site.

 

[Roger Johansson]

DNS "fail-safe" for Windows 2000 and 9X
http://www.ntcanuck.com

It says on its homepage:
"For Microsoft Windows® XP /2000 /.NET /2003 workstations or servers."

Do you know from experience that it works on Windows 9X too?

 

[Ash]

It says on its homepage:
"For Microsoft Windows® XP /2000 /.NET /2003 workstations or servers."

Do you know from experience that it works on Windows 9X too?

No, you should use Bind-LE. I used Bind-LE successfully for a
long while with Win98/WinME

There is a reference at the bottom of the home page.
Follow the download page link "TreeWalk support tools" to find the
variable Bind-LE download page.

The forums are back up this evening after a bad week of poor
connections. So please drop by in a couple of days once we've
migrated some valuable config/tip messages to the new server.


Ash

DNS "fail-safe" for Windows 2000 and 9X
http://www.ntcanuck.com
http://forums.ntcanuck.com
news://news.ntcanuck.com

 

[Roger Johansson]

I used Bind-LE successfully for a long while with Win98/WinME

Thanks. Downloading Bind-LE.

 

[ObiWan]

Thanks. (tries following link) Got a dotted-quad for that site, by any

Never mind - my ISP's DNS finally found your site.

Ok, and btw if you want, feel free to jump into the newsgroup
(or forums) there and report about any success/problem or
just to ask about any config/tweak and the like; there was a
proble with the forums lately, but now it has been fixed and
the messages are being restored so you may also find some
further infos about the TreeWalk there

Regards

--

* ObiWan

DNS "fail-safe" for Windows 2000 and 9X clients.
http://www.ntcanuck.com

Support and discussions forums/groups
http://forums.ntcanuck.com
news://news.ntcanuck.com

408 XP/2000 tweaks and tips
http://www.ntcanuck.com/tq/Tip_Quarry.htm

 

[Roger Johansson]

DNS "fail-safe" for Windows 2000 and 9X clients.
http://www.ntcanuck.com

Support and discussions forums/groups
http://forums.ntcanuck.com
news://news.ntcanuck.com

408 XP/2000 tweaks and tips
http://www.ntcanuck.com/tq/Tip_Quarry.htm

I started using BIND-LE yesterday in my windows98 system, and it works
very well. I now have 3 DNS servers in my network settings, the first
one local in Bind-LE.

My ISP has had problems with the DNS servers, and I think I am better
prepared for such problems now.

Thanks for the help, maybe I'll see you in the forums, if I have some
problems.

 

[derek / nul]

I started using BIND-LE yesterday in my windows98 system, and it works
very well. I now have 3 DNS servers in my network settings, the first
one local in Bind-LE.

My ISP has had problems with the DNS servers, and I think I am better
prepared for such problems now.

Thanks for the help, maybe I'll see you in the forums, if I have some
problems.

Roger,

You might consider using an upstream DNS server for one of the 3.

 

[Roger Johansson]

You might consider using an upstream DNS server for one of the 3.

The problem is that I do not know what an upstream DNS server is or how
to set up one in my network settings or in BIND-LE, otherwise it sounds
like a good idea

If you have time, could you give me a hint? Where to look or what to do?

 

[Wayne D]

My ISP's DNS servers have become very unreliable lately (today, they
couldn't even find www.google.com). I'd like to run something locally
on my Win2k box that can collect the IP addresses I use most often and
keep them in local storage, and act as a DNS server for sites that it
doesn't already know. I didn't see any DNS servers at all listed on
pricelesswarehome. Does anything like this exist?

Also (and OT), does anyone have any suggestions for a free secondary DNS
server that I can use instead of the nearly-broken one at my ISP?

FastCache


" As long as there's an Internet, everyone is going to want to do things
faster. Browse the web, ping servers, download files, whatever. Every
time you go to a new website, or a website you haven't been to in a day
or so, your computer needs to locate the server again using DNS. Each DNS
request can take anywhere from 50 milliseconds, to even a second or more,
but most are in the 100 to 200 millisecond range. Want to save a couple
hundred milliseconds? Probably not, but what about a couple million or
more? That's what AnalogX FastCache is all about.
AnalogX FastCache is a caching DNS server that runs on your local
machine and handles any DNS request that your computer makes, from
Internet Explorer to your favorite FTP client. Once a query is made,
FastCache will override the normal timeout for the item with one that you
specify, so instead of saving a query for a couple of seconds, it can
save it for a couple of days. Now every time you ask for it again while
it's in the cache, it gives it to you instantly. You can read more about
DNS, and how to configure your machine to run FastCache in this article
at WebAttack."

http://www.analogx.com/contents/download/network/fc.htm

Very easy to use.

Regards

Wayne D

 

[Ash]

You might consider using an upstream DNS server for one of the 3.

The problem is that I do not know what an upstream DNS server is or how
to set up one in my network settings or in BIND-LE, otherwise it sounds
like a good idea

If you have time, could you give me a hint? Where to look or what to do?[/QUOTE]

Roger,

Please take care for a while... at least. TreeWalk is using direct contact
to authorised DNS servers for the sites you visit, it doesn't use wayside
or roadside caches.

At the moment while there is a rash of DNS poisoning going on and ISP's
are jumping to patch their servers IMO it doesn't make sense to add
possibly compromised forwarders.

Currently if you choose to forward to your ISP DNS or other public
recursive DNS you take the risk that these DNS may be poisoned and have
incorrect information. Many ISP's and others know what they are doing
but the scale of poisoning shows that a very significant number have
taken little effort to fix/patch well known long standing problems.

TreeWalk is designed as a private recursive DNS server and is designed
to question only those servers authorised to know correct answers.
Treewalk was started from a BINDv9 base (a version not affected by
poisoning issues) and has been largely modified to fix a lot of
the original ISC code flaws, bugs and vulnerabilities.

Clearly if you use a compromised public DNS server, you may willingly be
sent to a fake phishing site with false IP - thinking that it is your bank
SSL and disclose more than intended while the phishing site uses a second
SSL link to your bank and watches/captures interesting/reusable information.

Ash


DNS "fail-safe" for Windows 2000 and 9X
http://www.ntcanuck.com
http://forums.ntcanuck.com
news://news.ntcanuck.com

 

[Roger Johansson]

Please take care for a while... at least. TreeWalk is using direct
contact to authorised DNS servers for the sites you visit, it doesn't
use wayside or roadside caches.

This message goes over my head, I don't know all these technical terms.
I don't use TreeWalk, unless it is a part of BIND-LE.

At the moment while there is a rash of DNS poisoning going on and
ISP's are jumping to patch their servers IMO it doesn't make sense to
add possibly compromised forwarders.

Currently if you choose to forward to your ISP DNS or other public

I have no intention of forwarding my local DNS server to anybody, and I
assume that BIND-LE has not been set up to allow anybody else to use
it. And even if they tried I hope my firewall, Kerio, will stop them.

recursive DNS you take the risk that these DNS may be poisoned and
have incorrect information. Many ISP's and others know what they are
doing but the scale of poisoning shows that a very significant number
have taken little effort to fix/patch well known long standing
problems.

I hope BIND-LE lets me use DNS lists from reliable servers. I clicked
on the menu choice "alternate roots- AlterNic, and I sssume that means
I am using their list now, as my first DNS server.
I don't know how to un-click that choice, and I don't know what DNS
list I would be using if I had not clicked on that choice.

TreeWalk is designed as a private recursive DNS server and is designed
to question only those servers authorised to know correct answers.
Treewalk was started from a BINDv9 base (a version not affected by
poisoning issues) and has been largely modified to fix a lot of
the original ISC code flaws, bugs and vulnerabilities.

DNS "fail-safe" for Windows 2000 and 9X
http://www.ntcanuck.com
http://forums.ntcanuck.com
news://news.ntcanuck.com

I have checked out the first of these links, read some about TreeWalk.
But I still don't understand fully if it is better than BIND-LE. or a
complement.

With what I understand so far I hope I am better protected against DNS
problems now than I was when I was totally dependent upon the two
servers given by my ISP.

 

[Kerodo]

I have checked out the first of these links, read some about TreeWalk.
But I still don't understand fully if it is better than BIND-LE. or a
complement.

My understanding was that TreeWalk was for Win2k/XP and BIND-LE was for
Win9x/ME..

 

[derek / nul]

The problem is that I do not know what an upstream DNS server is or how
to set up one in my network settings or in BIND-LE, otherwise it sounds
like a good idea

If you have time, could you give me a hint? Where to look or what to do?

A tracert from my place shows:-

C:\>tracert 80.65.205.96

Tracing route to lktv-205-96.ljusdal.net [80.65.205.96]
over a maximum of 30 hops:

1 <10 ms <10 ms <10 ms z.g [192.168.0.254]
2 16 ms 15 ms 32 ms p-nya.swiftel.com.au [202.154.95.181]
3 16 ms 31 ms 16 ms adsl-17-251.swiftdsl.com.au [218.214.17.251]
4 16 ms 31 ms 16 ms sl-gw1-mel-1-1-0.sprintlink.net [203.222.34.225]

5 31 ms 47 ms 31 ms sl-bb20-syd-1-0.sprintlink.net [203.222.33.18]
6 31 ms 32 ms 47 ms sl-bb21-syd-15-1.sprintlink.net [203.222.32.34]

7 187 ms 188 ms 187 ms sl-bb22-sj-3-3.sprintlink.net [144.232.8.130]
8 234 ms 250 ms 250 ms sl-bb22-rly-11-0.sprintlink.net [144.232.20.187]

9 234 ms 250 ms 250 ms sl-bb27-rly-12-0.sprintlink.net [144.232.14.178]

10 250 ms 250 ms 250 ms sl-bb21-msq-2-0.sprintlink.net [144.232.20.72]
11 328 ms 328 ms 328 ms sl-bb20-cop-14-0.sprintlink.net [144.232.19.30]

12 328 ms 328 ms 329 ms sl-bb21-cop-15-0.sprintlink.net [80.77.64.34]
13 328 ms 344 ms 328 ms sl-bb21-sto-14-0.sprintlink.net [213.206.129.34]

14 375 ms 328 ms 344 ms sl-gw11-sto-14-0.sprintlink.net [80.77.96.100]
15 328 ms 375 ms 344 ms sle-songn-1-0.sprintlink.net [80.77.97.54]
16 344 ms 344 ms 343 ms ge0-0.cty-pe3.sdl.se.sn.net [194.100.250.42]
17 344 ms 343 ms 360 ms 80.65.193.253
18 344 ms 343 ms 360 ms 80.65.193.13
19 * * * Request timed out.

the entry at se.sn.net appears to be 'upstream' of you www.sn.net has some
information.

 

[Ash]

This message goes over my head, I don't know all these technical terms.

Not my intent.

I just mean that if you choose to use an upstream DNS server as suggested
and add it to Bind-LE then you should be content that the DNS server is not
open to DNS poisoning where hackers introduce false results when you look
up IP addresses. And that the DNS server is not using a compromised cache
or results collected from somewhere else.

Bind-LE without the extra entries you are thinking of adding will only check
the authorised servers for each domain, it does not use caches of results
that may be compromised.

Ash

 

[Ash]

I have checked out the first of these links, read some about TreeWalk.
But I still don't understand fully if it is better than BIND-LE. or a
complement.

BIND-LE is needed for Win98/WinME users. TreeWalk uses new facilites
introduced with the later Operating systems and not available with
earlier OS.

With what I understand so far I hope I am better protected against DNS
problems now than I was when I was totally dependent upon the two
servers given by my ISP.

Yes


Ash

 

[Roger Johansson]

A tracert from my place shows:-

C:\>tracert 80.65.205.96

Tracing route to lktv-205-96.ljusdal.net [80.65.205.96]
over a maximum of 30 hops:

1 <10 ms <10 ms <10 ms z.g [192.168.0.254]
2 16 ms 15 ms 32 ms p-nya.swiftel.com.au [202.154.95.181] ....
the entry at se.sn.net appears to be 'upstream' of you www.sn.net has
some information.

Now I understand. I am pretty sure that the second of the DNS servers
given to me by my ISP is already an upstream server in the TDC Song
net, so everything seems to be alright.

 

[Roger Johansson]

Bind-LE without the extra entries you are thinking of adding will
only check the authorised servers for each domain, it does not use
caches of results that may be compromised.

There is only one thing I wonder about. When I chose to use the
Alter-Nic DNS server, is my computer calling it up every time, or is
its list copied down to my computer by BIND-LE and used for local use
in my computer?

It sounds like a local copy of the list would be a lot faster, on the
other hand it would be necessary to renew the list at certain
intervals. Is BIND-LE doing that for me?

If I had not clicked on Alter-Nic in the BIND-LE menues,
what server would BIND-LE have used?