In the past few months, we have written a couple of articles related to Internet Privacy. We talked of how DNS works, free VPNs such as SpotFlux, NeoRouter, CyberGhost VPN, etc., as well as private browsers that hide your identities, such as the Jumpto browser, and more. In the same series, this post is about DNSCrypt, a lightweight program that encrypts the exchange of data between your computer and the DNS Servers. In a way, it is all about your privacy, as men in the middle (hackers) won’t be able to understand what is happening on your Windows computer.
What is DNSCrypt – Why Do I Need It
You know about the VPNs that encrypt your data and exchanges it in a secure tunnel created between your computer and the host. Though VPNs provide better security and privacy of DNSCrypt, they often slow down your browsing. Proxies are for accessing sites (by changing your IP address). They don’t provide encryption in most cases. We also discussed certain DNS (example OpenDNS) that provide content filtering in addition to a secure (anti-malware) connections. You know that not all websites are not safe. Comodo and OpenDNS perform a check when you request a website connection and will inform you if the website is dangerous. OpenDNS also offers content filtering that can be called Parental Controls over the network. You do not need to configure it on all computers.
Normally, with the above (exception: VPNs), your data is exposed to the “man in the middle” when you send a website request, email or even an IM. To protect this data, you need something that encrypts your data between your computer and the DNS server you are using. The DNS server could be anything of your choice. DNSCrypt is a program that provides encryption of this data (between you and the DNS). You can select from the listed service providers or use the Network Adaptor settings to change the DNS manually.
NOTE: In some cases where you select your DNS other than the ones listed in DNSCrypt, it creates problems connecting to the Internet. I would recommend using popular DNS servers, as they pose fewer problems. If you select the ones listed in the DNSCrypt, you might not face any problem at all.
In short, if you are not using a VPN, the DNSCrypt will help you stay safe when communicating on the Internet. Communication can be anything from email to IM to browsing websites.
DNSCrypt will encrypt and protect data
Where to download DNSCrypt
There are many sites offering DNScrypt download. The main source is at GITHUB that also contains the code of the program so that you can check whether it is programmed to encrypt the data or not.
But downloading from GITHUB gives you a confusing version of DNSCrypt. The link to download is towards the bottom right corner of the screen – marked as “Download ZIP”. This ZIP file contains many folders that need to be extracted to some safe place so that your copy of DNSCrypt keeps working. See the image above for an idea of how extracted files look.
There is another site from where you can download DNSCrypt so that you can install it as a Windows Service. This is also a DNSCrypt ZIP file containing only four files. The link to download DNSCrypt Windows Service leads you to a website of a programmer named Simon Clausen – simonclausen.dk. The page also tells you about the benefits of the program. I prefer downloading it from Simon Clausen’s website rather than GITHUB. The latter is a bit complicated as it has too many files and you may not know which one to run first.
Read: What is DNSCrypt Protocol.
How To Install DNSCrypt
If you downloaded the ZIP file from GITHUB and extracted the contents, get the following folders. They look confusing, but you open the DNSCrypt folder and the run the only executable there. There is an upgrade folder when you extract it, but I was not able to understand what it meant. Maybe it was patched or maybe upgrades with new features. There are some six upgrade files. I could not find details about this.
If you downloaded the ZIP file from Simon Clausen’s website, all you need to do is to extract the files and run dnscrypt-winservicemgr.exe. You will get a graphical Interface as shown in the image below. You can choose your adaptor, type of communication (UDP or TCP) and also service providers (such as OpenDNS, etc.) before clicking Enable. After you click Enable, simply close the window. The process runs in the background, and you can view it in Windows Task Manager -> Process Tab.
How to remove DNSCrypt Windows Service
Always create a restore point before installing such software because if anything goes wrong (such as incorrect configuration), you can restore your computer back to before the program was installed. In the case of DNSCrypt, you will not find any entry in Programs and Features.
System Restore is the only way to remove it. Alternatively, you can go to Services from Control Panel -> Administrative Tools and disable the dnscrypt service. Right-click on the service listed as dnscrypt-proxy and click on Disable or Manual Start.
I prefer using the installer ZIP from Simon Clausen as it is easy and has a simple GUI to help you set it up. I had fears that the DNS resolving time may increase after installing this, but no such thing happened, meaning your browsing speed won’t decrease. It encrypts and thus provides safety and privacy to your data. It does not take up much resources on your computer. I recommend using the product for added safety while you are browsing, sending emails or chatting.
Similar tool: Simple DNS Crypt.