How to configure DNSCrypt on Windows
OpenDNS launched its encrypted DNS service DNSCrypt back in 2012 and has been offering it ever since. It protects DNS look-ups made by your system by encrypting them, similar to how your Internet traffic is encrypted when you connect to https websites.
The company released DNSCrypt to Github and others have started to implement the feature into third-party services.
DNS information is valuable as they offer a nearly complete account of your Internet activities including the domains and servers you connected to.
If you encrypt the traffic, third-parties listening in on your connection cannot access the information anymore.
It makes sense to use an encrypted DNS service. DNSCrypt is not the only service that offers this, but it is freely available and if you pick the right one, without connection logging as well.
While you can use OpenDNS for all of that, you may not want to use the service as your DNS provider. As mentioned earlier, there are alternatives that provide you with the same level of encryption.
While you can now go ahead and set it up by yourself, you may prefer an easier solution.
DNSCrypt Windows Service Manager
DNSCrypt Windows Service Manager is a free program for the Windows operating system that you can use to select a provider that supports it as well. In fact, it does list OpenDNS as one of the providers but others as well so that you can test several of them or simply pick the one you want right away.
The interface of the application is bare bones, but that is fine as it provides you with all important options. It displays all network adapters that it has discovered on start and whether the DNSCrypt Service is running or not.
All you have to do is pick one of the providers and click on the enable button to start the service and encrypting your DNS traffic.
You do get options to switch the protocol from UDP to TCP, and between IPv4 and IPv6. Note that clicking enable will install the dnscrypt-proxy service on your operating system. The service is removed again when you click on the disable button.
Since it is not permanent in nature, it is ideal for testing purposes. It is recommended that you research the providers that it makes available before you enable any of them. Encryption won't help a bit if the provider itself records your DNS look ups and uses it for marketing purposes or selling it to third-party companies.
Encrypting your DNS traffic is definitely something that makes sense, especially if you are using public connections regularly or at times but also if you are not, for instance to protect your Internet activities from your ISP or network administrators.
It still makes sense to use a virtual private network on top of all that, especially on public networks or networks that you do not have full control over.
Update: The program is no longer maintained. Check out Simple DNSCrypt instead.Advertisement