Home

M net DNS over TLS

DNS over TLS (DoT): Funktionsweise, Vor- & Nachteile [+DoT

  1. istratoren finden diesen Schritt aber wichtig, um einen besseren Überblick über die.
  2. DNS over TLS in der FritzBox aktivieren. In einem zweiten Schritt könnt Ihr im Menüpunkt Internet -> Zugangsart -> DNS seit FritzOS 7.20 die verschlüsselte Übertragung zum DNS-Server aktivieren. Der Vorteil ist, dass Anfragen.
  3. Neben DNS over TLS gibt es noch DNS over HTTPS. Hierbei wird über den HTTPS Standardport 443 die DNS Abfrage verschlüsselt. Eine Unterscheidung, ob es sich um eine DNS Abfrage oder um Web Datenverkehr handelt, ist so nicht mehr ersichtlich. In der Praxis wird DoT eine höhere Geschwindigkeit nachgesagt. AVM hat sich bei der Implementierung ausschließlich auf DoT.
  4. Lokalen Resolver für DNS-over-TLS einrichten. Von Roman ( romanf auf trash.net ) Dieser Artikel beschreibt grob, wie man einen lokalen DNS Resolver auf einem Linux einrichtet, konfiguriert und mit gängigen Clients verwendet. Als Einstieg empfehlen wir den c't Artikel Selbstauskunft - Namensauflösung inklusive Datenschutz fürs Heimnetz.

DNS over TLS in der FritzBox aktivieren und sicher surfe

Freifunk München (nur DNS-over-TLS und DNS-over-HTTPS!) IPv4: 195.30.94.28 / IPv6: 2001:608:a01::3 / dot.ffmuc.net Die folgenden DNS-Server filtern Werbung, Tracking und Malware Domains auf DNS. DNS over TLS ( DoT) is a security protocol for encrypting and wrapping Domain Name System (DNS) queries and answers via the Transport Layer Security (TLS) protocol. The goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data via man-in-the-middle attacks. Wikipedia Folgende zensur-freien und vertrauenswürdigen DNS-Server mit No-Logging Policy, DNSSEC Validierung und Anti-Spoofing Schutz ( Testseite) kann man als Alternative zu den Default DNS-Servern der Provider für diejenigen empfehlen, die wechseln möchten: Freifunk München (normales DNS, DNS-over-TLS und DNS-over-HTTPS) IPv4: 5.1.66.255 DNS over TLS (DoT) ist ein Protokoll, mit dem DNS-Abfragen, d. h. vor allem Abfragen zur Auflösung von Hostnamen in IP-Adressen und umgekehrt, über das Transport-Layer-Security-Protokoll verschlüsselt übertragen werden. Es handelt sich um einen von der Internet Engineering Task Force vorgeschlagenen Standard, RFC 7858

DNS over TLS auf einer Fritzbox aktivieren - Michis Blo

  1. DNS-over-TLS has been a buzzword in the net privacy ecosystem for a while now, and for good reason: with data breaches and internet snooping increasing year by year, the demand for more sophisticated tools of protection is at an all-time high. DNS-over-TLS is one of those tools and is a must-have feature of any VPN worth its salt
  2. Dafür kann man seit langem das proprietäre Protokoll DNSCrypt verwenden oder in jüngerer Zeit auch DNS-over-TLS (DoT) und DNS-over-HTTPS (DoH). Im c't-Artikel Auskunft abgedichtet - So.
  3. Unverschlüsselte DNS-Anfragen sind eine potentielle Gefahr für die Privatsphäre und bieten einen einfachen Angriffspunkt für Manipulation. Derzeit kämpfen zwei konkurrierende Standards darum, diese Probleme zu beheben. DoT (DNS-over-TLS) und DoH (DNS-over-HTTPS). AVM hat sich entschieden mit den FritzBox-Routern DoT zu unterstützen. Seit.
  4. DNS over TLS and DNS over HTTPS are two standards developed for encrypting plaintext DNS traffic in order to prevent malicious parties, advertisers, ISPs, and others from being able to interpret the data. Continuing the analogy, these standards aim to put an envelope around all postcards going through the mail, so that anyone can send a postcard without worrying that someone is snooping on.
  5. DNS over TLS - Ubuntu 20.04 (Native) DNS over TLS - Windows 10 (Stubby /w GUI) Set Up: dnscrypt-proxy for macOS; Set Up: Stubby for macOS ; Setup SimpleDNSCrypt Windows 10 Using DNSCrypt protocol; Setup SimpleDNSCrypt Windows 10 Using DNS over HTTPS; DNS over HTTPS - Windows 11 (Native) Zachary September 22, 2021 14:07; Updated; Introduction. Note: Windows 11 is still in the pre-release stage.
  6. Fritzbox DNS over TLS (DoT) « am: 15. Dezember 2020, 21:30:12 ». Inzwischen laufen fast alle Webseiten über HTTPS (SSL) und Provider können nicht sehen welche Daten wir übermitteln, besonders Benutzername und Passwort. Jedoch sind die Verbindung zum DNS-Server immer noch unverschlüsselt und der Provider kann diese in Klarschrift mitlesen
  7. Ein DNS-Server oder Nameserver hat die Aufgabe, Domain-Namen, die ein User in senen Browser eingibt, mit den richtigen IP-Adressen zu verbinden, um Webseiten aufrufen zu können. Die folgende Liste enthält die IP-Adressen der DNS-Server der wichtigsten..

unter DNS over TLS (DOT) ein, dann ändert sich nichts. Gebe ich hingegen dns.google ein, dann wird mir beim aktuellen DNS-Server aktuell genutzt für Standardanfragen - DoT verschlüsselt angezeigt. Ich fürchte fast, die Antwort wird nein lauten. Ist aber nicht schlimm. Die google-DNS-Server sollen recht schnell sein, und telefonica wird dann als Fallback-DNS benutzt. New DNS protocols have being developed and are starting to be used which increase privacy and security by encrypting DNS queries. The two main protocols for encrypted DNS are DNS over HTTPS (DoH) and DNS over TLS (DoT). This page gives information about our encrypted DNS services

Lokalen Resolver für DNS-over-TLS einrichten - trash

According to my connection information I'm not using DNS over TLS. If you need more information I can upload the unbound.log. server: # If no logfile is specified, syslog is used logfile: /var/log/unbound/unbo 公共DNS-over-HTTPS和DNS-over-TLS服务器 一、国内服务商 1、阿里公共DNS. 阿里提供的DNS,测试阶段,存在污染。 DoT地址 Our public DNS service offers DNS over HTTPS (DoH) and DNS over TLS (DoT), with QNAME minimization and basic ad blocking. It has been audited by the security experts at Assured.You can use this privacy-enhancing service even if you don't use Mullvad Note your endpoint's name in the section Endpoints > DNS-over-TLS. It has the format YOUR-ID.dns.nextdns.io. Step 2: Configure Your Router to Use NextDNS . Finalize the setup by configuring your router with the NextDNS servers as follows: In the Fritz!Box UI, navigate to Internet > Type of Connection > DNS Server > DNS over TLS (DoT) Enable the following checkboxes: Encrypted name resolution. DNS over HTTPS - Windows 11 (Native) DNS over TLS - Ubuntu 18.04 / 20.04 (Stubby) DNS over TLS - Ubuntu 20.04 (Native) DNS over TLS - Windows 10 (Stubby /w GUI) Set Up: dnscrypt-proxy for macOS; Set Up: Stubby for macOS; Setup SimpleDNSCrypt Windows 10 Using DNSCrypt protocol; Setup SimpleDNSCrypt Windows 10 Using DNS over HTTP

DNS over TLS FritzBox aktivieren - Der Windows Papst - IT

DNS-over-TLS (DoT) DoT - like DoH - encrypts DNS traffic between the client and the resolver but does not make use of HTTPS. It encapsulates DNS traffic directly in TLS which means less metadata (better). Unfortunately main browser vendors choose to implement DoH only. Modern Android versions support DoT. We operate the following DoT servers: dot1. IPv4 address: 146.255.56.98; IPv6 address. Public Recursor Enhancements. The public recursors at 74.82.42.42 / 2001:470:20::2 / ordns.he.net now also support DNS over TLS (DoT) and DNS over HTTPS (DoH) for those who wish to use those interfaces. How to adjust your applications or local resolver to use that functionality is very dependent on what you're using, so please check with your. For instance, the Server Name Identification (SNI) TLS extension includes the web server name being visited in plain-text, and leaks information about visited web sites even when employing HTTPS. Concerning DNS over HTTPS (DoH): [RFC8484] specifies how to send and receive DNS queries over HTTPS Domain dns.hostux.net DNS over TLS ( DoT ) is best to be configured globally for the entire operating system. A few clients already support the protocol, and the easiest way is to configure systemd to use it - DoT (DNS over TLS) mittels FRitz Box Beta Firmware aktiviert (mehrere Anbieter wurden ausprobiert) Grundsätzlich hat dieses Setup funktioniert, aber immer mal wieder versagte die DNS-Auflösung bei manchen Adressen. Abhilfe schaffte dann i.d.R. Ausschalten von IPv6 und/oder Rückfall auf Provider DNS

DNS-over-TLS (DoT) ist eine neue Technologie, um DNS-Anfragen zu verschlüsseln. Dies soll den Nutzer vor Manipulation und Ausspähung der Namensauflösung durch Man-in-the-middle-Angriffe schützen. Mit der Standardisierung durch die Internet Engineering Task Force (IETF) und der Unterstützung in der kürzlich veröffentlichten neuen Android-Version Pie entwächst diese. How on earth can I use DNS over TLS on Debian. One of them suggests using this thing called stubby. Method 1 - Stubby. Stubby is an easy program that works on some Linux distributions which allow users to send DNS queries over TLS. The Stubby tool works on Ubuntu Linux, Debian Linux, and Arch Linux. To install this tool,--snip--- Stubby for DNS over TLS I DNSCrypt v2 by mac913: Back to top: Sponsor: vibranto DD-WRT User Joined: 30 Apr 2010 Posts: 64: Posted: Fri May 24, 2019 14:09 Post subject: Orig I posted this in another thread with the post below which had come up on a search, before noticing it was a Broadcom forum etc. etc. so - this seems better forum/thread to add it to... mbze430 wrote: I have been looking at.

We support DoT (DNS over TLS), DoH (DNS over HTTPS) and DNSSEC Domain Name System Security Extensions (DNSSEC) digitally sign the data of the Domain Name Server. DNSSEC is an important and essential technology for everyone. Easy to use. feloDNS Adblocker is an alternative solution for blocking ads, protecting privacy and parental controls. Easy to set up and free to use, it provides a minimum. DNS over TLS. Der noch recht junge Standard DNS over TLS (DoT, RFC 7858) soll drei Probleme von DNS und DNSSEC lösen: Es soll die Privatsphäre der Anwender gegen Lauscher schützen, das. DNS-over-HTTPS: Deutsche Provider sitzen DoH vorerst aus. Anfragen von Golem.de an deutsche Provider zeigen, dass diese die Einführung von DNS-over-HTTPS (DoH) durch Google und Mozilla zwar. DNS-over-TLS. DoT is a protocol for wrapping DNS queries in a layer of TLS encryption. This is encrypted so it's much more secure than plaintext and highly recommended. DNS-over-HTTPS. DoH is a protocol for sending DNS queries to a server over HTTPS, the same thing your browser uses. This is encrypted so it's much more secure than plaintext and.

DNS over TLS (DoT) is a network security protocol for encrypting and wrapping Domain Name System (DNS) queries and answers via the Transport Layer Security (TLS) protocol. The goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data via man-in-the-middle attacks. While DNS-over-TLS is applicable to any DNS transaction, it was first. Windows 10: Microsoft aktiviert TLS 1.3. Die neueste Version des Sicherheitsprotokolls ist nun in Windows-10-Insider-Builds enthalten. Auch Internet Explorer 11 und Legacy Edge unterstützen TLS 1.3 While unbound has some support for DNS over TLS, it's not as reliable or as fast as another tool called stubby. So we'll configure unbound to handle blacklisting and caching, then hand the work of talking to the upstream DNS servers over to stubby. Stubby is the tool that will actually handle talking to your remote servers using DNS over TLS on port 853. apt-get install stubby ought to. @qyb 用 dns.rubyfish.cn:853,提示: WARN[0033] Dial DNS-over-TLS upstream failed: x509: certificate signed by unknown authority. 用 dns.rubyfish.cn:853@115.159.154.226,提示: WARN[0027] Dial DNS-over-TLS upstream failed: x509: cannot validate certificate for 115.159.154.226 because it doesn't contain any IP SAN

DNS over HTTPS (DoH) support appeared on Windows 10 2004 build (May 2020 Update). Now Windows 10 can resolve names over HTTPS protocol using the built-in DoH client. In this article we'll tell what DNS over HTTPS protocol is used for, how to enable and use it on latest Windows 10 builds. When your computer connects to a DNS server to resolve names, it sends and receives DNS requests. DNS over TLS (DoT) and DNS over HTTPS (DoH) sound like they would be interchangeable terms for the same thing. And they do actually accomplish the same thing - encrypting DNS requests - but there's one big difference: the port they use. And while it may seem silly for something that sounds so simple to have created two totally divided camps with deeply entrenched beliefs about which is.

DNS-over-HTTPS und DNS-over-TLS Unterstützung [ffmuc

Der Dienst unterstützt sowohl DNS over TLS (DOT) als auch DNS over HTTPS (DOH). In den vergangenen Jahren wird immer klarer, dass das klassische DNS große Sicherheitslücken hat, weil eine Verschlüsselung fehlt. Das führt vermehrt zu Angriffen per DNS Hijacking. Die neuen Techniken bieten effektiven Schutz gegen Cyberkriminelle, aber auch gegen Zensur durch Regierungen. Zusätzlich. Aktualisieren Sie NET Framework 4.6 und frühere Versionen, um TLS 1.1 und TLS 1.2 zu unterstützen. Weitere Informationen finden Sie unter .NET Framework Versionen und Abhängigkeiten.. Wenn Sie .NET Framework 4.5.1 oder 4.5.2 auf Windows 8.1, Windows Server 2012 R2 oder Windows Server 2012 verwenden, wird dringend empfohlen, die neuesten Sicherheitsupdates für .Net Framework 4.5.1 und 4.5.2. DNS mediante TLS (DoT, siglas en inglés de DNS over TLS) es un protocolo de seguridad para cifrar y ajustar las consultas y respuestas del sistema de nombres de dominio a través del protocolo de seguridad de la capa de transporte ().El objetivo del método es aumentar la privacidad y la seguridad del usuario mediante la prevención de escuchas ilegales y la manipulación de los datos del DNS. You can now also verify that your DNS requests are being made over HTTPS by visiting Cloudflare's ESNI Checker tool.After running the test, the first two columns (Secure DNS and DNSSEC) should both be green 单击DNS 服务器分配项目上的编辑。 将设置从自动(DCHP)切换到手动 。 点击 IP4 按钮。 在出现的表格中,在首选 DNS 字段中输入 8.8.8.8,并选择 Encrypt- only(DNS over HTTPS)。你可以使用其他的 DoH 服务。 在备用 DNS 字段中,在首选 DNS 字段中输入 1.1.1.1,并.

DNS-over-HTTPS und DNS-over-TLS Unterstützung - ffmuc

Cisco VPN client for Android bug report that DNS resolution fails for the VPN tunnel for 1) Android 10, 2) Private DNS is Enabled or Private DNS is in Automatic mode and the public network DNS servers are capable of DNS over TLS, and 3) Split include tunnel configuration. This also sounds very much like the symptoms seen here. Unfortunately seeing the details of the Cisco bug report or any. This how-to walks you through installing and configuring Stubby as DNS-over-TLS stub resolver to communicate securely with the Quad9 DNS service. This increases your online privacy

DNS-over-TLS happens, by necessity, over TCP. Your interesting client support scenario would require that. dnsmasq receive queries over UDP and forward then over TCP-with-TLS. Dnsmasq is optimised to forward DNS-over-UDP queries very efficiently. It does a passable job forwarding DNS-over-TCP Technitium DNS Server is an open source software that can be effectively used to block Internet Advertisements (Ads), adware, and malware on your computer or your local network using publicly available block lists. Combined with DNS-over-TLS and DNS-over-HTTPS, Technitium DNS Server provides a good level security and privacy from network level DNS attacks and from adware Dns-over-tls heeft een eigen poort die gemakkelijk te blokkeren isEén poort. Ook dit proces heeft echter zijn nadelen. Dns-over-https-verkeer loopt via poort 443, de poort waar al het andere. How to use DNS over TLS in 20.7.3. Home; Help; Search; Login; Register; OPNsense Forum » Archive » 20.7 Legacy TCP - src any - dest WAN net - destport DNS « Last Edit: January 08, 2021, 05:07:59 pm by Layer8 » Logged ChrisChros. Jr. Member; Posts: 57; Karma: 1; Re: How to use DNS over TLS in 20.7.3 « Reply #24 on: January 11, 2021, 10:08:38 pm » Hi, just for my understanding. If I. I'm using systemd-resolved on Arch Linux with DNSSEC set to the default (allow-downgrade) and DNS-over-TLS set to opportunistic. I've configured it to use Cloudfare's 1.1.1.1 DNS. This is what it looks like without DNS

Gelöst: Arbeitet die Telekom an DNS over TLS oder DNS Over

I read in the release notes for 21.1. As we continue to deprecate custom configuration inputs for a number of reasons, Dnsmasq has been switched to a pluggable file-based approach [1] with Unbound to follow in the upcoming 21.7 series. If no custom config is possible in the GUI, will OPNsense support DNS-over-TLS via GUI (as pfsense does for. Zunächst versucht die FRITZ!Box, die globale Adresse aus dem Router Advertisement zu lernen. Wenn das fehlschlägt, wird eine Adresse aus dem ersten /64-Subnetz des gelernten Präfixes verwendet. Statische Einstellungen nutzen. Hier können Sie die IPv6-Unterstützung der FRITZ!Box aktivieren und einrichten. IPv6-Unterstützung

Gelöst: Telekom hilft Labor: Testet mit uns „DNS over HTTP

What is mutual TLS (mTLS)? Mutual TLS, or mTLS for short, is a method for mutual authentication. mTLS ensures that the parties at each end of a network connection are who they claim to be by verifying that they both have the correct private key.The information within their respective TLS certificates provides additional verification.. mTLS is often used in a Zero Trust security framework* to. AS15600. AS15600 is the ASN used by the Quickline Group to provide connectivity for the Quickline customers spread out over 24 partners consisting of about 400.000 households in Switzerland providing Quad-Play services (Internet, TV, Telephone, Mobile) for residential and small business users.. This page contains technical details. Consumer and product information can be found on www.quickline.ch Plain, DNS over HTTPS and TLS, DNSCrypt and Anonymized DNS; DNSSEC with local validation; IPv4 and IPv6; Flexible rules . Define multiple DNS servers and resolve through them based on the hostname mask and hosts files; Specify the network interface (ethernet, Wi-Fi, VPN, etc) that is used for the resolve; Enhanced DNS security. Name resolution over encrypted channels provided by DNS over HTTPS.

DNS-over-TLS improves privacy and security between clients and resolvers. This complements DNSSEC and protects DNSSEC-validated results from modification or spoofing on the way to the client. How it Works Note: This section gives an overview of DNS-over-TLS operation when talking to the Google Public DNS resolver (with the name dns.google). If you are interested in more details, please read. Just like any TLS-based communication, a DoT DNS client first reaches out to the DoT-enabled DNS server on port 853 and performs a TLS handshake. The DoT client receives the server's certificate, somehow validates it (more on this later), then generates a symmetrical encryption key that they both agree on (such as AES) for the actual data encryption. In short, DoT uses the same technology. DNS over TLS (DoT) is one way to send DNS queries over an encrypted connection. Cloudflare supports DNS over TLS on standard port 853 and is compliant with RFC7858. Open external link. With DoT, the encryption happens at the transport layer, where it adds TLS encryption on top of the user datagram protocol (UDP). How it works. Cloudflare supports DNS over TLS (DoT) on 1.1.1.1 and 1.0.0.1 on.

Benutzerdefiniertes DNS einrichten - Nickle

dns.quad9.net ([2620:fe::fe]:853) In order to enable DNS over TLS, I think I need to use those dns servers QUESTIONS: 1. I want to enable DNS over TLS and Internal DNS as well to solve internal server name I think if I can't use DNS over TLS if I point to Internal DNS Can I use split DNS like this config system dns-database edit company1.com set domain company1.com set authoritative. Von Roman (romanf auf trash.net) Unsere offenen DNS Resolver sind auch über DNS-over-TLS (DoT) erreichbar. Eine Beschreibung findest Du im übergeordneten Artikel Offener DNS Resolver DNS over TLS using BIND and Nginx. Since our BIND server currently does not support TLS secured queries natively, we will be using Nginx rather than Stunnel to provide a secured endpoint. Not only is Nginx already part of our system, it also allows more granular configuration. We will proxy the requests to our local BIND instance DNSCrypt only supports DNS-over-HTTPS. Also DNSCrypt will randomly choose DNSes unless you set it (in Simple DNSCrypt) to use a specific DNS only. I still don't think adding DNS features (e.g. DNSCrypt, DNS-over-HTTPS, DNS-over-TLS) to the AG desktop apps is a good idea, since it'd only apply to the apps AG is filtering and not the entire. Enter dns.quad9.net and select Save. That's it; you're done! Quad9 now protects you with anti-malware security, and your DNS requests on Android 9 are encrypted. More about DNS-over-TLS. The protocol used by Private DNS is an industry standard called DNS-over-TLS which has been available on all Quad9 instances worldwide since our launch. By encrypting DNS traffic, your security and.

Video: Tutorial to setup DNS-over-TLS (DoT) - Antoine Aflal

Vertrauenswürdige DNS-Serve

这就是 DNS over HTTPS (下文简称 DoH)和 DNS over TLS (下文简称 DoT )技术要做的事。 他们分别利用 HTTPS ( 超文本传输安全协议 )和 TLS( 传输层安全协议 )这两种行业通用的安全协议,将我们的 DNS 请求发往 DNS 服务器 I am currently running pfsense version 2.4.4 (p2) and have tried to enable DNS over TLS by ticking Enable DNSSEC support, Enable Forwarding Mode and Use SSL/TLS for ourgoing DNS Queries to forwarding servers (under DNS Resolver - General Settings). I have also configured the DNS Forwarders as Quad 9 (9.9.9.9 and 149.112.112.112 - under System - General) However, when I then do a packet capture. DNS over TLS seeks to close this huge privacy gap. When your operating system says your connection is secured, it's only talking basic security. Why unencrypted DNS is a problem. There was a time when we valued a reasonable amount of privacy over corporate profits. DNS over TLS is something we need to bring that back. DNS acts like the internet's phone book. Rather than having to remember. Create DNS-over-TLS bridge with Pi-hole, unbound and stubby on Ubuntu Server. Few months ago, I've made a similar work but I wanted something a little more easier to manage

DNS over TLS - Wikipedi

Today I'm going to talk about DNS over HTTPS misuse or abuse. You might've heard or it's been in the news recently about the use of DNS over HTTPS, or DNS over TLS to improve privacy of DNS. Just a quick nitpick: DNS over HTTPS (not to be confused with DNS over TLS) is completely separate from DNSSEC. You can gain the integrity benefits of DNSSEC without using DoH, just as you can have the privacy benefits of DoH (or DoT) without using DNSSEC. The best method, of course, would be to use both, if possible Testing DNS over TLS¶. There are several ways to validate that outbound queries are using DNS over TLS. Test via Diagnostics > DNS Lookup (DNS Lookup) and ensure the results from 127.0.0.1 are correct.. Check for states using port 853 going to the DNS servers in the configuration (Firewall States) like those in Example State Table contents for DNS over TLS queries

In the GUI, go to Settings -> DNS, and set a custom IPv4 server with the value 127.0.0.1#5533. Now we must restart Pi-hole: sudo systemctl restart pihole-FTL. and voila! The upstream DNS requests sent from your Pi-hole will be encrypted using TLS. As mentioned earlier, DNS-over-TLS is not a perfect solution to your privacy concerns DNS overview A Domain Name System (DNS) server matches domain names like www.netgear.com to their IP addresses. Instead of having to remember a website's IP address, you can enter the domain name. Encrypted DNS connections Encrypted DNS connections are either DNS over TLS (DoT) or DNS over HTTPS (DoH). These connections keep the communication between your router and DNS servers secure encryption: the DNS traffic is encrypted and cannot by intercepted or manipulated by someone in the middle (my ISP, my employer, etc). coredns. This is what I'm using for resolving in Firefox with TRR. The idea is that a DNS-over-HTTPS proxy resolver connects to DNS-over-TLS upstream, based on coredns. Corefile with multiple upstream servers