sans - A simple anti-spoofing DNS server.

sans – A simple anti-spoofing DNS server.

Simple Anti-spoofing Name Server, designed to defend against DNS spoofing, suitable for embedded devices and low end boxes.
Latest Change 24/12/2015:
+ add homebrew build script.

sans - A simple anti-spoofing DNS server

sans – A simple anti-spoofing DNS server

Features:
+ Support both UDP and TCP
+ Detect if a domain is polluted
+ Query polluted domains over TCP or SOCKS5

sans file

sans file

Note:
+ If SOCKS5 server is not given, polluted domains will be queried over TCP. It’s faster than querying over SOCKS5, but may not work in some networks.
+ Since there is no cache in sans, you may need to set it as an upstream DNS server for Dnsmasq instead of using it directly.

TODO:
– cache
– retry on error
– auto pre-query
– recursive

Installation and usage:

sample configuration:

Source : https://github.com/XiaoxiaoPu