/Beshcan

PDOH (Personal/Private DNS over HTTPS) and PDOT (Personal/Private DNS over TLS)

GNU General Public License v3.0GPL-3.0

Beshcan

This project came to my mind when I had a feeling that maybe some services like shecan have something more than just bypass sanctions in their mind. We don't know what they are logging from us in their servers right now, even with DNS over TLS; I can't feel safe. However, few recent weeks (from the start of July 2020), we have severe censorship over DNS in Iran, based on OONI, we don't have privacy and freedom on the internet. The government censored lots of websites and services for Iranians; on the other hand, the USA sanctioned Iran on many international services. We're sitting ducks and can't do much about it.

Don't forget that there is nothing we can't do :)

I came up with an idea after reading this tweet from Iranian Offsec about DNS over TLS/HTTPS, and this article about DNS over Tor.

So let's talk about what I have in my mind. I want to make a private DNS resolver for everyone on their private servers without logging and completely secure using DNS over HTTPS with random packet size to bypass censorship.

I intentionally don't use any database for logging and error collecting; besides, I will explicitly redirect every log or error to /dev/null/ or disable any logging functions or services for users' data privacy.

Tools used on this project

  • Microservice Architecture
    • Docker
    • Kubernetes (K8s)
  • Python or Rust or Go or C
  • Scapy for Packet Manipulation (Python Library)

Installation

:)

Usage

:)

Resources

  1. DNS over HTTPS (DOH)
  2. DNS over TLS (DOT)
  3. Other

Contributing

See contributor's guide for more details.

License

This project licensed under the GPL-3.0 License - see the LICENSE file for details.