Stubby

dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby Desktop [Linux, Mac, OpenWrt & Windows]

Awesome Privacy ➔ Networking ➔ DNS Clients ➔ Stubby

Acts as a local DNS Privacy stub resolver (using DNS-over-TLS). Stubby encrypts DNS queries sent from a client machine (desktop or laptop) to a DNS Privacy resolver increasing end user privacy. Stubby can be used in combination with Unbound - Unbound provides a local cache and Stubby manages the upstream TLS connections (since Unbound cannot yet re-use TCP/TLS connections), see example configuration.

Homepage: dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby
GitHub: github.com/getdnsapi/stubby
Web info: web-check.xyz/results/dnsprivacy.org

Open Source

Stubby Source Code

Author

getdnsapi

Description

Stubby is the name given to a mode of using getdns which enables it to act as a local DNS Privacy stub resolver (using DNS-over-TLS).

Homepage

https://dnsprivacy.org/dns_privacy_daemon_-_stubby/

License

BSD-3-Clause

Created

26 Jun 17

Last Updated

22 Apr 24

Latest version

v0.4.3

Primary Language

Size

497 KB

Stars

1,163

Forks

Watchers

1,163

Language Usage

Star History

Top Contributors

Recent Commits

Sara Dickinson (26 Mar 24)
Update hostname and pin for Fondation RESTENA server in stubby.yml.example
Sara Dickinson (26 Jun 23)
Remove `dnsovertls` servers from man page. Update version for custom Windows rc release.
Sara Dickinson (20 Apr 23)
Merge pull request #341 from ayushkamadji/fix-readme-links Fix broken wiki short links in readme
Ayushka Partohap (20 Apr 23)
Fix broken wiki short links
Sara Dickinson (09 Jan 23)
Merge pull request #335 from AstralStorm/develop Fix service build failure on Windows
Radosław Szkodziński (03 Jan 23)
Fix service build failure on Windows
Willem Toorop (22 Dec 22)
Log messages from getdns have '\n' at the end
Willem Toorop (22 Dec 22)
Fix PR #323 Reduce spam messages when interface is offline
Willem Toorop (22 Dec 22)
Stubby 0.4.3 Quickfix release scheduled for today
Willem Toorop (22 Dec 22)
Merge pull request #324 from pemensik/stubby.service Private users prevents running on systemd
Petr Menšík (15 Oct 22)
Private users prevents running on systemd Original value does not work on systemd v250, Fedora 36. Does not work on Fedora 38, systemd-252~rc1 either. It prevents the process from successfully binding the socket.
Willem Toorop (19 Aug 22)
stubby-0.4.2 quickfix release
Willem Toorop (19 Aug 22)
Fix #320 Stubby won't start without `log_level` setting
Willem Toorop (19 Aug 22)
Bump version for the 0.4.1 release
Willem Toorop (19 Aug 22)
Mention getdnsapi.net servers listen on port 443 now too
Willem Toorop (19 Aug 22)
getdnsapi.net DoT servers now listen on port 443 too
Willem Toorop (12 Aug 22)
Set log level from config file
Willem Toorop (11 Aug 22)
Bump version
Willem Toorop (11 Aug 22)
Attribute systemd file to Bruno in Changelog
Willem Toorop (11 Aug 22)
Merge pull request #294 from ArchangeGabriel/patch-1 Upgrade systemd service security
Willem Toorop (11 Aug 22)
Merge pull request #314 from getdnsapi/remove_dnsovertls_servers Remove the dnsovertls.sinodun.com servers from the config.
Sara Dickinson (07 Jun 22)
Remove the dnsovertls.sinodun.com servers from the config. Additional tidy up of config.
Sara Dickinson (05 Aug 22)
Tidy up Changelog
Sara Dickinson (05 Aug 22)
Add text on ECS use
Sara Dickinson (05 Aug 22)
Merge pull request #316 from pataquets/add-resolvers-quad9 Add Quad9 resolvers.
Sara Dickinson (21 Jul 22)
Fix typo in cmake check for libidn2
Sara Dickinson (21 Jul 22)
Merge pull request #319 from jpbion/fixlibidn2 Category: Strengthen check for LibIDN2 version in cmake build step
Joel Bion (20 Jul 22)
Category: Strengthen check for LibIDN2 version in cmake build step
pataquets (08 Jun 22)
Add Quad9 resolvers.
Sara Dickinson (08 Jun 22)
Merge pull request #315 from pataquets/patch-1 Changelog minor fix

Stubby Website

Website

404 Page not found

Redirects

Does not redirect

Security Checks

2 security checks failed (64 passed)

HTTP Status Error
HTTP Client Error

Server Details

IP Address 185.199.110.153
Hostname cdn-185-199-110-153.github.com
Location California, Pennsylvania, United States of America, NA
ISP GitHub Inc.
ASN AS54113

Associated Countries

Saftey Score

Website marked as safe

100%

Blacklist Check

dnsprivacy.org was found on 0 blacklists

ThreatLog
OpenPhish
PhishTank
Phishing.Database
PhishStats
URLhaus
RPiList Not Serious
AntiSocial Blacklist
PhishFeed
NABP Not Recommended Sites
Spam404
CRDF
Artists Against 419
CERT Polska
PetScams
Suspicious Hosting IP
Phishunt
CoinBlockerLists
MetaMask EthPhishing
EtherScamDB
EtherAddressLookup
ViriBack C2 Tracker
Bambenek Consulting
Badbitcoin
SecureReload Phishing List
Fake Website Buster
TweetFeed
CryptoScamDB
StopGunScams
ThreatFox
PhishFort

Website Preview

View full report at
web-check.xyz

Stubby Reviews

More DNS Clients

DNScrypt-proxy 2

(Desktop [BSD, Linux, Solaris, Windows, MacOS & Android])
dnscrypt.info

A flexible DNS proxy, with support for modern encrypted DNS protocols including DNSCrypt V2, DNS-over-HTTPS and Anonymized DNSCrypt. Also allows for advanced monitoring, filtering, caching and client IP protection through Tor, SOCKS proxies or Anonymized DNS relays.

Open Source DNSCrypt/dnscrypt-proxy

View DNScrypt-proxy 2 Report
Unbound

(Desktop [Linux, Mac, OpenWrt & Windows])
nlnetlabs.nl/projects/unbound

Validating, recursive, caching DNS resolve with support for DNS-over-TLS. Designed to be fast, lean, and secure Unbound incorporates modern features based on open standards. It's fully open source, and recently audited. (For an in-depth tutorial, see this article by DNSWatch.)

Open Source NLnetLabs/unbound

View Unbound Report
Nebulo

(Android)
nebulo.app

Non-root, small-sized DNS changer utilizing DNS-over-HTTPS and DNS-over-TLS. (Note, since this uses Android's VPN API, it is not possible to run a VPN while using Nebulo.)

Open Source Ch4t4r/Nebulo

View Nebulo Report
RethinkDNS & Firewall

(Android)
rethinkdns.com/app

Free and open source DNS changer with support for DNS-over-HTTPS, DNS-over-Tor, and DNSCrypt v3 with Anonymized Relays. (Note, since this uses Android's VPN API, it is not possible to run a VPN while using RethinkDNS + Firewall.)

Open Source celzero/rethink-app

View RethinkDNS & Firewall Report
DNS Cloak

(iOS)
apps.apple.com/us/app/dnscloak-secure-dns-client/id1452162351

Simple all that allows for the use for dnscrypt-proxy 2 on an iPhone.

Open Source s-s/dnscloak

View DNS Cloak Report

About the Data: Stubby

API

You can access Stubby's data programmatically via our API. Simply make a GET request to:

https://api.awesome-privacy.xyz/networking/dns-clients/stubby

The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.

About the Data

Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.

Share Stubby

Help your friends compare DNS Clients, and pick privacy-respecting software and services.
Share Stubby and Awesome Privacy with your network!

← Previous

DNS Cloak

View DNS Clients (6)

Awesome Privacy