FORUMS
Remove All Ads from XDA

keweonDNS - now with improved Certificate (iOS, Mac & Android)

1,650 posts
Thanks Meter: 4,091
 
Post Reply Email Thread
8th October 2019, 06:11 AM |#2761  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,091
 
Donate to Me
More
Do you still believe "SSL/TLS is safe"?

It's not. I'm talking about this since years and the first advertising platform has now proofed this.
They are adding the ads into the TLS stream and the link below shows in detail how they are doing this.

I know this kind of technology since a long time and it's nothing new for me.
This was also one reason for the Certifacte to protect users. I'm prepared since a long time. keweon is also prepared.

What's about you?

CLICK HERE 4 MORE
The Following 3 Users Say Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
8th October 2019, 07:27 AM |#2762  
rmn.br's Avatar
Senior Member
Flag Prague
Thanks Meter: 124
 
More
Just want to say, everything run flawlessly. I started using Keweon also on PC with cert, inline with AdGuard, basically I see ZERO ads and ZERO adblocker detection.

Local websites with movies and episodes had during one episode around 6 pop-up (every click another) ads which was super annoying, right now ZERO. Like a BOSS haha

Thank you so much for Keweon!

The Following 3 Users Say Thank You to rmn.br For This Useful Post: [ View ] Gift rmn.br Ad-Free
10th October 2019, 02:56 AM |#2763  
micgeb's Avatar
Senior Member
Thanks Meter: 55
 
More
Quote:
Originally Posted by MrT69

Which browser you are using?

Firefox, Opera, chrome.
11th October 2019, 09:09 AM |#2764  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,091
 
Donate to Me
More
To the idiots who try to steal or copy keweonDNS

Do you really believe I'm too stupid not to notice this? Although I'm not doing any logging I know it but unfortunately I don't know who you are.
If you think this is a way to copy over the blacklists you may have no success with this because I'm not a idiot.

More then 300 GB traffic suddenly within a few day's and at the 7th October you switch off? Come on... Who the hell you are?

The public Servers contains round about 40 Million entries. My private server actually has 163 Million entries by daily growing of 6 to 8 Million entries.
Because of financial limitation I can't use the entire database on the current systems. If I would have the AI solution we are talking about 700 to 900 Million entries within the blacklists.

If you want to have them then talk with me. Google me and you get everything about me. I'm not hiding on the Internet.
The Following 14 Users Say Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
15th October 2019, 12:05 PM |#2765  
Inactive Recognized Developer
Thanks Meter: 76
 
Donate to Me
More
Quote:
Originally Posted by MrT69

Using keweon DoH on Windows - the easy way

One of my personal goals is to provide keweonDNS without any client and this is for security reasons. On the one hand no one can provdide a fake installation which contains malware and on the other its because of the Certificate. No Client means no communication.

Windows becomes now some kind of tricky because there exists no real client except the one for "Cloudflare". Big surprise - you can use this client and its working. Its not a problem to build such a client for Windows but I seriously have no spare time to support this. I'll show you now how to do it with the Cloudflare DoH Client.

So... Let's rock!

What do you need?

You would need a few things to get this running. Any Windows Box is 100% fine but not sure if this will still work with XP. If you still use this OS you have other problems then encrypted DNS communication.

1. XCA for Certificates > click here

2. Something to unzip the attached files below

3. Make sure you know you can edit the Windows hosts file (C:\Windows\System32\drivers\etc\hosts)

4. The "Cloudflare DoH 64Bit Client" > click here

5. The "Cloudflare DoH 32Bit Client" > click here

6. You need 5 to 10 Minutes time & a cup of coffee


How to install?

Quite easy. First at all download all the things.
Open a command prompt with Administator privileges and you need to open the Explorer to copy a few files. Now do exactly copy & paste the commands below and you are fine to go.

1. Create the installation directory within the command prompt:

Code:
mkdir C:\Windows\System32\config\systemprofile\.cloudflared
2. Copy the "cloudflared.exe" into this directory

3. Copy the "cert.pem" file to the directory

4. Copy the "config.yml" file into the directory

5. This should be now your directory:

6. Go back to the command line and change to the directory with this command prompt:
Code:
cd C:\Windows\System32\config\systemprofile\.cloudflared
7. Now again within the command line box install the Cloudflare.exe as Service
Code:
cloudflared.exe service install
8. Because of the fact that LetsEncrypt do not support IP Adresses you need now add the keweonDoH DNS Server to your HOSTS file. Just do it by copy & paste.
Code:
2a01:4f8:c2c:e25::207 doh.asecdns.com
2a01:4f9:c010:1cbd::29 doh.asecdns.com
2a01:4f8:1c17:6fc7::250 doh.asecdns.com
159.69.49.250 doh.asecdns.com
116.203.126.207 doh.asecdns.com
95.216.165.29 doh.asecdns.com
9. Save the HOSTS file and reboot your Computer. I have written reboot and this means reboot. Don't complain it's not working when you don't do it.

At this point when the reboot is done you can test now that the DoH DNS Service is working. Open a Command prompt again. Type now "nslookup" and press return.
Now type "server 127.0.0.1" and hit return again.
Now type a Url or a domain and press return. The answer should be an IP address. Tadaaaa - its working.

10. After the reboot everything is fine & now it's time to change the Network Adapter.

11. Open your network card settings and set the IP Address 127.0.0.1 as DNS Server

12. Save it & happy surfing!


Why do you need XCA?

Within the download you will find a XCA Database which contains the LetsEncrypt Root Certificates. If you don't trust my downloads you can do it by yourself. Add the Certificates to XCA and export them by yourself.


Why do you need the Certificate things?

The cloudflare client actually don't use the default Certificate store of windows. To connect to any other DoH Server you will need in addtion the Certificate chain to validate the DoH Server certificate. For this you can easy export the Certificates from the Website of the DoH Server, import them into XCA and Export them as a valid certificate chain which you can now use within the config file.


How can I export certificates from a Website?

Open the website of the DoH Server by the DoH Server address. As example here I use "https://doh.asecdns.com/nebulo"
Here you can see now how to export a Certificate. Seems to be complicate but after the second try it's very easy.

If you want to import in XCA just select the exportet Certificates and drag & drop it to XCA when you have the Database open.


How to do it with XCA?

1. Open the LetsEncrypt Database (the file below has the Password "a" without the quotes) and export Certificate CHAIN (!)

2. Now export it within the right format:

3. Now you can easily change the config file (config.yml) and use any other DoH Server of your choice.

4. Don't forget to add the Address within HOSTS file because without this settings it will not work.

NOTE:
If you have better or faster settings for the config file (config.yml) then let me know this. This are only setting which are working. Let's do it better - together.

Have fun with it!

Hi,

The config file and host file must be updated based on https://reinstall.keweon.center/?

Please provide the updated files in order to have DoH in Windows 10
The Following 5 Users Say Thank You to totalcmdext For This Useful Post: [ View ] Gift totalcmdext Ad-Free
15th October 2019, 02:27 PM |#2766  
Member
Thanks Meter: 10
 
More
I can't gaming at all using this dns, game lags... but after all no ads when web browsing and pretty decent loading time
15th October 2019, 02:33 PM |#2767  
Timmmmaaahh's Avatar
Recognized Contributor
Flag Bruges
Thanks Meter: 5,197
 
Donate to Me
More
Quote:
Originally Posted by aL_09

I can't gaming at all using this dns, game lags... but after all no ads when web browsing and pretty decent loading time

Works great here. Which game were you trying? Please include the Play Store link.
15th October 2019, 02:46 PM |#2768  
Member
Thanks Meter: 10
 
More
Quote:
Originally Posted by Timmmmaaahh

Works great here. Which game were you trying? Please include the Play Store link.

It's the new Call of Duty Mobile, can't even login using the dns...
Here you go... https://play.google.com/store/apps/d...Bo671fAPjuSGMA
15th October 2019, 02:54 PM |#2769  
Timmmmaaahh's Avatar
Recognized Contributor
Flag Bruges
Thanks Meter: 5,197
 
Donate to Me
More
Quote:
Originally Posted by aL_09

It's the new Call of Duty Mobile, can't even login using the dns...
Here you go... https://play.google.com/store/apps/d...Bo671fAPjuSGMA

Ah yes, I've had mixed success with keweon. I'm using Nebulo to easily switch keweon on and off. Can you look into this one, @MrT69? Pretty please 0=)
15th October 2019, 04:09 PM |#2770  
Senior Member
Flag Kolaghat
Thanks Meter: 166
 
More
Quote:
Originally Posted by Timmmmaaahh

Ah yes, I've had mixed success with keweon. I'm using Nebulo to easily switch keweon on and off. Can you look into this one, @MrT69? Pretty please 0=)

How to use nebulo???
15th October 2019, 06:01 PM |#2771  
Timmmmaaahh's Avatar
Recognized Contributor
Flag Bruges
Thanks Meter: 5,197
 
Donate to Me
More
Quote:
Originally Posted by jyoti.id

How to use nebulo???

It's really straightforward. Just add the keweon DoH server and fire it up. See attachments for visual instructions. You'll find more info in the first posts of this thread.Click image for larger version

Name:	Screenshot_20191015-185405__01__01.jpg
Views:	274
Size:	52.5 KB
ID:	4845347Click image for larger version

Name:	Screenshot_20191015-185542__01.jpg
Views:	270
Size:	78.1 KB
ID:	4845351Click image for larger version

Name:	Screenshot_20191015-185706__01.jpg
Views:	264
Size:	62.9 KB
ID:	4845353

Sent from my ONEPLUS A6013 using Tapatalk
The Following 2 Users Say Thank You to Timmmmaaahh For This Useful Post: [ View ] Gift Timmmmaaahh Ad-Free
Post Reply Subscribe to Thread

Tags
adblocker, dns

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes