New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
how does smartdns work?
muneebrocks
Member
in Help
Is it the same as a proxy which is only activated at certain sites?
does netflix know my real ip when I am using it via smartdns?
If it does know my real ip why doesnt it block it?
Comments
Similar
No
Because it doesn't know your real IP
ah okay because they keep saying no speed loss and your ip will not change so got confused
thank you
The DNS directory that matches name to numbers isn’t located all in one place in some dark corner of the internet. With more than 332 million domain names listed at the end of 2017, a single directory would be very large indeed. Like the internet itself, the directory is distributed around the world, stored on domain name servers (generally referred to as DNS servers for short) that all communicate with each other on a very regular basis to provide updates and redundancies
I can smell a cut and paste like a fart in a car.
https://www.networkworld.com/article/3268449/what-is-dns-and-how-does-it-work.html
Yep its here and many other places https://www.coursehero.com/file/p70ejb0/How-DNS-servers-work-The-DNS-directory-that-matches-name-to-numbers-isnt/
@sumeethannurkar Why plagiarize? Whats the point?
The science behind that is: when you access netflix, netflix.com will be resolved to their servers, where sniproxy or haproxy is transparently forwarding traffic. Then netflix will only see their ip. Technically it's possible for netflix to know your real ip as long as they really want to.
I'll try to explain in a nutshell.
SmartDNS serves as a proxy between you and the streaming site until content is delivered.
You enter Netflix or Hulu URL for example then instead of sending you to the real IP of those sites you're sent to a different IP the SmartDNS forged for you through which there are no geo restrictions.
All your content streaming requests are mediated by this IP until the final stage where the CDN sends you the requested file to play. At this advanced stage there are no more geographical screenings and the SmartDNS proxy ( which is founded on this fact) is getting out of the picture so the media is sent directly to your real IP and played at normal speed.
Companies still find out about this activity (not hard. Too many people through a certain IP is suspicious) so this is a cat and mouse game where IP addresses are swapped regularly. A reliable paid SmartDNS service should ensure that there are always options that work.
The SmartDNS by the way does not encrypt your traffic at all. It's completely different from a VPN.
Also, you should be very careful and stay away from "free" SmartDNS services which (if at all work) can easily fake your connection to other sites like PayPal and Gmail and steal credentials in an easy phishing.
You're asking someone who plagiarizes what the point of plagiarizing is?
Anyway, it's not the first time that he has plagiarized. Consider
https://www.lowendtalk.com/discussion/comment/3193953/#Comment_3193953
This is copied verbatim from the first answer of
https://www.digitalocean.com/community/questions/how-can-i-point-subdomain-to-ip-port
thank you this was really useful
MitM for PayPal and Gmail (and indeed most sites these days) is actually very hard due to TLS and HSTS. A large portion of sites use HTTPS and HSTS now, so even if a SmartDNS service were to reroute PayPal or Gmail traffic to their own servers, you'd see a scary security warning that's often not bypassable (depending on how the 'real' server is configured)
Because of that, I don't actually understand how these SmartDNS services still work. I'm fairly sure Netflix uses HTTPS, but perhaps they don't use it for their CDN nodes?
HTTPS can be proxied. However, the proxy would not be able to see or modify HTTP requests and responses.
Given the purpose is bypassing IP geo restriction, you can think of the proxy as some sort of port forwarding - it passes whatever you send them to the origin site at TCP level, without decrypting.
The origin site would see the connecting IP being the exit IP of the proxy, instead of the client IP.
Ahh, right, so it just tunnels the connection unmodified. That makes sense. Thanks!
You don't need to break HSTS/TLS for this, they just resolve certain hostnames like nflxcdn to their own IPs that then reverse proxy it to the backend. No MITM.
The proxies come with ACLs to only pass traffic to Netflix or Hulu or whatever and have host header and IP destination restrictions.
Wouldn't DNSSEC defeat that custom resolution?
DNSSEC requires that your client wants to enable dnssec and respect it