I know that there are nowhere near as many security concerns with *nix as doze. But I think this is an idea that should cross OS's?
One of the few things I have set up in doze right now that I'd like to keep is DNS resolution.
In doze I turned off the DNS cache service. Not so much directly for system security per se. I know about cache poisoning, etc. But I did it because doze will resolve any address that you ask it to. Even to known malicious sites.
To prevent that you have to shut off the local cache and then I pointed my router at OpenDNS.org b/c doze will default to the router to resolve if the cache service is disabled.
I've been reading that the UB DNS cache is designed to be more secure than the doze cache. But, unless it has a filter (or I can set one up?), I'd rather point it at or default to the router to resolve DNS.
How do I achieve that?