Sending all your requests to a single DNS point is bad security. Best to just 'spread' your DNS out, so use a mix of Quad9, Google, OpenDNS, Cloudflare 1.1.1.1 etc.
I live by the motto: Don't put all your eggs in one basket
diablo1 | 4 years ago
What do you mean by a honeypot? Do you mean if they're running a scam, or actually a honeypot and you're running a scam that could be found?
viraptor | 4 years ago
I think you have to trust your DNS resolver or choose a new one. You can compare the results of different resolvers but I'm not aware of any solutions out of the box. For example:
dig example.com A
compare against
dig example.com A @dns.google.com
etc
elliottinvent | 4 years ago
If you mean they give a different answer specifically for you, then you would have to mirror your requests to multiple providers and the root servers to see who is not telling the truth. Perhaps build a web UI like this [1] or write a script to select some of your commonly requested names and query all the servers. At times you can expect answers to differ, as people change DNS and TTL will expire from caches at different times. Some sites may give a different IP based on the source location of your DNS client if they are doing GSLB and not using Anycast.
In a script you might use the "dig" command with options like this so you can see when the TTL is about to expire.
[1] - https://www.whatsmydns.net/#NS/ycombinator.com
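An added example (not from the commenters above) of the comparison script this thread describes, in Python. It takes the ANSWER SECTION output of `dig` for the same name from several resolvers (constructed sample text here, so it runs without sending any queries; the resolver addresses and IPs are assumed sample values), reports the majority A-record set, flags resolvers that disagree, and separately lists resolvers whose cached TTL is about to expire, since a mismatch from one of those should be re-checked after the cache refreshes before it is read as a resolver lying.

```python
"""Compare A-record answers from several resolvers and flag the odd one out."""
from collections import Counter

# Constructed sample dig answer-section lines, one string per resolver.
# A real script would fill these from `dig +noall +answer example.com A @<resolver>`.
# Resolver addresses and IPs below are made-up sample values.
SAMPLE_ANSWERS = {
    "1.1.1.1": "example.com.\t287\tIN\tA\t203.0.113.10\n"
               "example.com.\t287\tIN\tA\t203.0.113.11\n",
    "8.8.8.8": "example.com.\t12\tIN\tA\t203.0.113.11\n"
               "example.com.\t12\tIN\tA\t203.0.113.10\n",
    "9.9.9.9": "example.com.\t300\tIN\tA\t198.51.100.7\n",
}


def parse_answer(text):
    """Return (set of A-record IPs, lowest TTL) from dig answer-section lines."""
    ips, ttls = set(), []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 5 and parts[2] == "IN" and parts[3] == "A":
            ttls.append(int(parts[1]))
            ips.add(parts[4])
    return ips, (min(ttls) if ttls else None)


def compare_resolvers(answers, ttl_warn=30):
    """Group resolvers by the IP set they returned; the most common set is the
    consensus. Resolvers returning a different set are 'outliers'. Resolvers
    whose cached record is close to expiry (ttl <= ttl_warn) are listed in
    'expiring' so a disagreement can be re-queried after the cache refreshes."""
    parsed = {r: parse_answer(t) for r, t in answers.items()}
    tally = Counter(frozenset(ips) for ips, _ in parsed.values())
    consensus = tally.most_common(1)[0][0]
    outliers = sorted(r for r, (ips, _) in parsed.items()
                      if frozenset(ips) != consensus)
    expiring = sorted(r for r, (_, ttl) in parsed.items()
                      if ttl is not None and ttl <= ttl_warn)
    return {"consensus": sorted(consensus), "outliers": outliers,
            "expiring": expiring}


if __name__ == "__main__":
    report = compare_resolvers(SAMPLE_ANSWERS)
    print("consensus A records:", ", ".join(report["consensus"]))
    print("disagreeing resolvers:", report["outliers"] or "none")
    print("re-check after TTL expiry:", report["expiring"] or "none")
```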