Shout out to DuckDNS; Thank You! Have been using it for a few years now without a hitch!
Although its free, they accept donations via Patreon[0], Paypal etc. Running and maintaining services is not free, so if you're using DuckDNS, contributing would guarantee that the service survives into the future!
Dynamic dns domains are used heavily by spammers as a free way to get new domains to spread links on social media sites (to evade domain bans). Typically these are fake dating site scams targeted at men. I’m dealing with this now at at one of the top social media companies.
And? Not sure what I'm supposed to take from this. Domains can be had for so cheap, the fact that it's even a consideration in the spam profile is kinda... :/.
This is not unique to duckdns. My own domains with completely innocent content get flagged as unsafe by the big gatekeepers. This is a growing problem for any of us outside their walls.
> cybercriminals using the service have tarnished its reputation
Yeah, that's the only reason I'd heard of Duck DNS before - I got some "please sign in to your bank account" text with a link and I saw the domain in the URL was duckdns.org so I looked into it. With behavior like that on their domain, I'd imagine many browsers, firewalls, etc will block them.
I currently use no-ip free tier for this. My only complaint with no-ip free is that I have to login and verify that I am still using it after a while. Does Duck DNS do this too?
I don’t see much issues with privacy or security with a service like this.
They don’t get traffic going through them. They mainly exist to point to an IP. With enough data they have information on how an ISP rotates IP’s and who they’ve gone to.
In your case, with a WireGuard VPS, all traffic goes through the server. That’s a very different setup.
In their case, a request goes to them at a regular interval and they update the IP the dns record points to. That’s it.
When someone requests the domain, they simply respond with an IP. At most, if there’s little caching, they could get frequency of usage.
My biggest concern would be someone scanning CT logs to find hosts with hobbyist grade security. That’s not meant to insult hobbyists, but they might be a juicy target for immediately exploitation after a zero day hits. To be clear, it’s the same for any well known DynDNS domain.
Besides that, I looked at every DynDNS system I could find back in the summer. There were only 3 that I was happy with; Hurricane Electric, Google Domains, and a pair of self hosted Bind servers.
If you want the best, simple solution, and it doesn’t need to be completely free, register a domain with Google domains. If anyone knows of limitations, let me know.
I prefer to use Cloudflare for my DNS including dynamic DNS. I happen to have my domains registered through them but it is not a requirement to use their free tier.
There's no routing of the actual traffic, only basic DNS forwarding. Of course it's not meant for business production services, but it's decent for homelab. Especially considering for how long has DuckDNS been operating.
A few friends and I wrote a simple dynamic DNS service called ddns[1] around a 0-dependency nodejs script that manages NSD zone files. It's pretty easy to self-host an ns for your own needs. The most interesting feature it has is the ability to register an unused entry without authentication (or with an adminpassword) but update it with a password set on first registration. This allows me to bake that password into a cronjob on any given server without the risk that it can hijack DNS from other servers if it is compromised. My company now uses it (plus NSD zone transfer) to drive our DNS layer for server to server communications.
One of my friends runs a public instance here, with no guarantees offered.[2]
Duck dns is very usefull. I use to host a demo from a CRM portal my company sold at my house.
The problem was that I had dynamic IP and my isp shit router did not suport DNS services. So I made a simple script that would log in and acess the router information page, get the public IP and update in the DUCK dns with a curl.
Yeah most routers come with a fixed list of services, when they really mean is a list of protocols.
I have a Huawei Fibre ONT, that only listed DynDNS, NoIP, and a few others. I could get away by using a NextDNS DNS override, and hosting my own script that forwarded the API call to the actual DDNS provider.
I used to have my first blog ever registered through duck dns. Reused an old hp desktop a friend of mine had found for me at the nearest waste collection facility as server. A golden era for me.
Also, AWS lets you ask for a static IP access (EIP) which you don't pay for so long as it is attached to something (an ec2 instance, a load balancer, etc).
this is good. there should be more services to pool DNS, email addresses, and cell phone numbers. this should be a basic tool for the hacker to get around the muggle.
The thing I find most interesting about this post is the Reddit login deprecation.
Reddit provides an OAuth2 IdP service... but is unhappy when platforms use it? I'm genuinely curious why they provide this service if their legal team then actively chases platforms that use it to get them to desist?
They're pretty explicit in the email, the service has to be related to Reddit.
OAuth login to edit all your comments in a react CMS? OK. OAuth login to to update you server dynamic ips? Not really Reddit focused.
Really more of a failure on the API key generation page where you should (perhaps now do) have to click a "Yes, my thing extends or uses data from reddit" to get a key.
What other auth system should they have used to allow 3rd party login, that some how also handles site intent?
Although its free, they accept donations via Patreon[0], Paypal etc. Running and maintaining services is not free, so if you're using DuckDNS, contributing would guarantee that the service survives into the future!
[0] https://www.patreon.com/user?u=3209735