How to configure DNSCrypt on Windows

OpenDNS launched its encrypted DNS service DNSCrypt back in 2012 and has been offering it ever since. It protects DNS look-ups made by your system by encrypting them, similar to how your Internet traffic is encrypted when you connect to https websites.

The company released DNSCrypt to Github and others have started to implement the feature into third-party services.

DNS information are valuable as they offer a nearly complete account of your Internet activities including the domains and servers you connected to.

If you encrypt the traffic, third-parties listening in on your connection cannot access the information anymore.

It makes sense to use an encrypted DNS service. DNSCrypt is not the only service that offers this, but it is freely available and if you pick the right one, without connection logging as well.

While you can use OpenDNS for all of that, you may not want to use the service as your DNS provider. As mentioned earlier, there are alternatives that provide you with the same level of encryption.

While you can now go ahead and set it up by yourself, you may prefer an easier solution.

DNSCrypt Windows Service Manager is a free program for the Windows operating system that you can use to select a provider that supports it as well. In fact, it does list OpenDNS as one of the providers but others as well so that you can test several of them or simply pick the one you want right away.

dnscrypt windows service manager

The interface of the application is bare bones, but that is fine as it provides you with all important options. It displays all network adapters that it has discovered on start and whether the DNSCrypt Service is running or not.

All you have to do is pick one of the providers and click on the enable button to start the service and encrypting your DNS traffic.

You do get options to switch the protocol from UDP to TCP, and between IPv4 and IPv6. Note that clicking enable will install the dnscrypt-proxy service on your operating system. The service is removed again when you click on the disable button.

Since it is not permanent in nature, it is ideal for testing purposes. It is recommended that you research the providers that it makes available before you enable any of them.  Encryption won't help a bit if the provider itself is recording your activities and using it for marketing purposes or selling it to third-party companies.

Closing Words

Encrypting your DNS traffic is definitely something that makes sense, especially if you are using public connections regularly or at times but also if you are not, for instance to protect your Internet activities from your ISP or network administrators.

It still makes sense to use a virtual private network on top of all that, especially on public networks or networks that you do not have full control over.

Summary
Author Rating
5
Software Name
DNSCrypt Windwos Service Manager
Operating System
Windows
Landing Page
Please share this article

facebooktwittergoogle_plusredditlinkedinmail


Responses to How to configure DNSCrypt on Windows

  1. Tom Hawack May 17, 2014 at 5:44 pm #

    Works flawlessly, a great front-end for dnscrypt. Handles everything.

    One thing worth being mentioned -- of which the developer is aware -- is that if you change the provider from default (dnssec.eu) to another of the list, calling back DNSCrypt Windows Service Manager will always display the default dnssec.eu even though the user has opted for another provider, BUT only on this display : Registry at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\dnscrypt-proxy\Parameters will show the correct Provider under ProviderName.

    Encrypting DNS requests is an important link in Web security, need it be mentioned.
    Thanks for this article, Martin

    • Martin Brinkmann May 17, 2014 at 6:03 pm #

      And thanks to you for the added information, useful!

    • Ray May 18, 2014 at 1:14 am #

      Thanks for this info, Tom.

      Make sure to let Simon know about this minor bug.

      • Tom Hawack May 18, 2014 at 8:50 am #

        Simon is aware of this minor bug, as I mentioned it, he had acknowledged it answering to a user's comment on his page. That's why I know he is. It is indeed only a minor bug but which can be misleading if unknown by the user.
        Hum... the user was guess who? :) I shouldn't provide this top-secret information, I hope the National Soccer Association won't be reading this!

  2. Dave May 17, 2014 at 9:54 pm #

    This is freeking awesome!

    I wonder if I can install something on my router so that all my devices can use DNSCrypt...

  3. PhoneyVirus May 18, 2014 at 12:13 am #

    As much as I like to install this application I can't, why system needs a fresh installation and I don't have time. Think I'm going back to the Virtual PC so I can play around with these cool applications.

    Thanks for the little Tutorial Martin

    PhoneyVirus

  4. Ray May 18, 2014 at 1:13 am #

    Cool, I have been using OpenDNS for awhile now. Good to know that there is increased protection with DNSCrypt.

    Going to use this now. I might think about switching to OpenNIC for my DNS as well.

    Thanks for writing this blog post, Martin!

  5. Ray May 18, 2014 at 2:26 am #

    Came across another DNSCrypt app:
    https://github.com/Noxwizard/dnscrypt-winclient

    Looks a little more user-friendly. Also, the readme lists more servers.

  6. Alex Oreshkin May 18, 2014 at 6:34 am #

    Was unable to use Teamviewer 6 with DNSCrypt enabled.

  7. Bob May 18, 2014 at 6:47 am #

    @Alex,
    Little behind with that verison my friend... TV is already up to 9.
    Ya might want to update there

  8. John May 18, 2014 at 4:56 pm #

    Is there a reason to use this if I've already set my router to use opendns, seems redundant. right?

    • Martin Brinkmann May 18, 2014 at 6:33 pm #

      Is not that only available for Mac and Windows systems right now as a standalone application? I suggest you contact OpenDNS to find out.

Leave a Reply