Simon Zerafa<p>Currently doing some DNS testing via my ISP (Ogi) here in Wales at it seems that at the moment <span class="h-card" translate="no"><a href="https://social.aa.net.uk/@aaisp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>aaisp</span></a></span> has the second fastest DNS over HTTPS resolvers available!</p><p>'DNS over HTTPS | Min | Avg | Max |Std.Dev| Median|<br> ----------------+-------+-------+-------+-------+-------+</p><ul><li>Average Delay | 0.012 | 0.014 | 0.015 | 0.001 | 0.013 |</li><li>Cached Name | 0.012 | 0.012 | 0.012 | 0.000 | 0.012 |</li><li>Uncached Name | 0.013 | 0.014 | 0.014 | 0.001 | 0.013 |</li><li>DotCom Lookup | 0.015 | 0.015 | 0.015 | 0.000 | 0.015 |---<-------->---+-------+-------+-------+-------+-------+ <a href="https://dns.aa.net.uk/dns-query" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">dns.aa.net.uk/dns-query</span><span class="invisible"></span></a> ANDREWS ARNOLD LTD'</li></ul><p>Being a smidgen faster that Quad9 and NextDNS. Not too shabby! 😉🖖</p><p><a href="https://infosec.exchange/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> <a href="https://infosec.exchange/tags/UK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UK</span></a> <a href="https://infosec.exchange/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> <a href="https://infosec.exchange/tags/Internet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Internet</span></a> <a href="https://infosec.exchange/tags/Performance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Performance</span></a> <a href="https://infosec.exchange/tags/AAISP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AAISP</span></a></p>
Recent searches
No recent searches
Search options
Not available on mastodon.xyz.
mastodon.xyz is one of the many independent Mastodon servers you can use to participate in the fediverse.
A Mastodon instance, open to everyone, but mainly English and French speaking.
Administered by:
Server stats:
739active users
mastodon.xyz: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.4
#dnsoverhttps
0 posts · 0 participants · 0 posts today
Burkhard :mastodon: :windows:<p><span class="h-card" translate="no"><a href="https://social.tchncs.de/@tarnkappeinfo" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>tarnkappeinfo</span></a></span> <br>Hallo,<br>schöner Artikel - ich habe jedoch ein paar Nachfragen dazu:</p><p>* Warum hat Ihr in Eurem Artikel den neuen europäischen DNS-Resolver DNS4EU nicht erwähnt? Gib es bei dem irgendwelche Gründe, die gegen eine Nutzung sprechen?</p><p>* Ihr habt hier die Verwendung von DNS over HTTPS beschrieben - gibt es einen Grund DNS over TLS (DoT) _nicht_ zu verwenden?</p><p>* Ihr beschreibt nur die Einstellungen für einen Windows 11-Rechner? Keine Beschreibung für das Smart-Phone - egal ob Android oder IOS - für den Betrieb außerhalb des Heimnetzes ... Spricht etwas gegen die Eintragung auf dem Home-Router (z.B. FRITZ!Box) für alle Geräte im Heimnetz?</p><p><a href="https://social.tchncs.de/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> <a href="https://social.tchncs.de/tags/DNSoverTransportLayerSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverTransportLayerSecurity</span></a> <br><a href="https://social.tchncs.de/tags/Fritzbox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fritzbox</span></a><br><a href="https://social.tchncs.de/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Android</span></a> <a href="https://social.tchncs.de/tags/IOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IOS</span></a></p>
Tarnkappe.info<p>📬 DNS over HTTPS Windows: So geht’s ganz einfach<br><a href="https://social.tchncs.de/tags/Anleitungen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Anleitungen</span></a> <a href="https://social.tchncs.de/tags/Datenschutz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Datenschutz</span></a> <a href="https://social.tchncs.de/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> <a href="https://social.tchncs.de/tags/DNSAbfragen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSAbfragen</span></a> <a href="https://social.tchncs.de/tags/DoHaktivieren" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoHaktivieren</span></a> <a href="https://social.tchncs.de/tags/ITSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITSecurity</span></a> <a href="https://social.tchncs.de/tags/Verschl%C3%BCsselung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Verschlüsselung</span></a> <a href="https://social.tchncs.de/tags/Windows11" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows11</span></a> <a href="https://sc.tarnkappe.info/e9f23a" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">sc.tarnkappe.info/e9f23a</span><span class="invisible"></span></a></p>
🚀 Несерьёзный Выдумщик 👨🔬<p>Кого из провайдеров DNS-over-HTTPS выбрать и где найти перечень доступных? Есть вот такой <a href="https://github.com/crypt0rr/public-doh-servers/blob/main/dns.list" rel="nofollow noopener noreferrer" target="_blank">список</a><span><br>Для использования добавлять суффикс </span><code>/dns-query</code> указывая DoH-провайдера в настройках браузера. Должно получаться нечто вроде: <code>https://dns1.nextdns.io/dns-query</code><span><br><br>На скриншоте пример с Firefox, а в том же </span><a href="https://shitpost.poridge.club/tags/Vivaldi" rel="nofollow noopener noreferrer" target="_blank">#Vivaldi</a> ещё нет настроек DoH и вот только-только <a href="https://vivaldi.com/blog/desktop/dns-over-https-vivaldi-browser-snapshot-3731-3/" rel="nofollow noopener noreferrer" target="_blank">появляется</a><span>.<br><br></span><i><i>Это лишь о настройке веб-браузеров, т.к. заворачивания в системе всего DNS-трафика в DoH является отдельной темой. Каким образом программы выполняют работу с DNS хорошо расписано в публикациях сродни <a href="https://www.pvsm.ru/linux/422897" rel="nofollow noopener noreferrer" target="_blank">«Как работает DNS в Linux. Часть 1»</a> — почему и каким образом могут идти в обход настроек в системе. Та же проблема, что и при работе софта через прокси — запросы к DNS могут «утекать» мимо, хотя трафик при этом и будет гнаться через проксю.</i></i><span><br><br></span><a href="https://shitpost.poridge.club/tags/DNS" rel="nofollow noopener noreferrer" target="_blank">#DNS</a> <a href="https://shitpost.poridge.club/tags/privacy" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://shitpost.poridge.club/tags/security" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://shitpost.poridge.club/tags/DoH" rel="nofollow noopener noreferrer" target="_blank">#DoH</a> <a href="https://shitpost.poridge.club/tags/DNS-over-HTTPS" rel="nofollow noopener noreferrer" target="_blank">#DNS-over-HTTPS</a> <a href="https://mastodon.social/@russian_mastodon" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@russian_mastodon@mastodon.social</a> <a href="https://3zi.ru/@Russia" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Russia@3zi.ru</a></p>
MOVED to: https://mastodon.au/@Linux<p><span>Dynamic between DNS-over-HTTPS, DNS-over-TLS, DNS-over-QUIC, with DNS-over-IP Fallback.<br><br>Why pick one, when you can have them all?<br><br></span><a href="https://discourse.nixos.org/t/dynamic-between-dns-over-https-dns-over-tls-dns-over-quic-with-dns-over-ip-fallback/64968" rel="nofollow noopener noreferrer" target="_blank">https://discourse.nixos.org/t/dynamic-between-dns-over-https-dns-over-tls-dns-over-quic-with-dns-over-ip-fallback/64968</a><span><br><br></span><a href="https://mk.absturztau.be/tags/DNS" rel="nofollow noopener noreferrer" target="_blank">#DNS</a> <a href="https://mk.absturztau.be/tags/Linux" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://mk.absturztau.be/tags/NixOS" rel="nofollow noopener noreferrer" target="_blank">#NixOS</a> <a href="https://mk.absturztau.be/tags/Nix" rel="nofollow noopener noreferrer" target="_blank">#Nix</a> <a href="https://mk.absturztau.be/tags/DnsOverHttps" rel="nofollow noopener noreferrer" target="_blank">#DnsOverHttps</a> <a href="https://mk.absturztau.be/tags/DnsOverTls" rel="nofollow noopener noreferrer" target="_blank">#DnsOverTls</a> <a href="https://mk.absturztau.be/tags/DnsOverIp" rel="nofollow noopener noreferrer" target="_blank">#DnsOverIp</a> <a href="https://mk.absturztau.be/tags/DnsOverQuic" rel="nofollow noopener noreferrer" target="_blank">#DnsOverQuic</a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@laird" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>laird</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.bsd.cafe/@nuintari" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nuintari</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@todb" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>todb</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@malwaretech" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>malwaretech</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@iagox86" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>iagox86</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@charlvdwalt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>charlvdwalt</span></a></span> <span class="h-card" translate="no"><a href="https://mamot.fr/@pluralistic" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>pluralistic</span></a></span> I guess the only workaround is to use <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/TorBrowser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TorBrowser</span></a> and/or use <a href="https://infosec.space/tags/DNSoverTLS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverTLS</span></a> / <a href="https://infosec.space/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> to verify said <a href="https://infosec.space/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> results.</p><p>I have <a href="https://github.com/greyhat-academy/lists.d/blob/main/dns.servers.list.tsv" rel="nofollow noopener noreferrer" target="_blank">a list of Servers ready</a> for the latter. I do recommend <a href="https://infosec.space/tags/OpenNIC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenNIC</span></a> personally... </p><ul><li>Feedback & Contributions welcome...</li></ul>
Daniël Franke :panheart:<p>So, on a lark, I got the cheapest EU cloud instance I could find, and I set up <a href="https://social.ainmosni.eu/tags/adguard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AdGuard</span></a> and enabled <a href="https://social.ainmosni.eu/tags/dnsoverhttps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a>.<br><br>Then I loaded the <a href="https://social.ainmosni.eu/tags/doh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoH</span></a> profile into my mobile devices and now I have ad blocking, encrypted DNS no matter where I am.<br><br>This is a huge quality of life improvement, one fewer vector for <a href="https://social.ainmosni.eu/tags/ads" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ads</span></a> to attack my mental health.</p>
Dariusz Więckiewicz :verified:<p>🇬🇧 𝗦𝗲𝗰𝘂𝗿𝗶𝗻𝗴 𝗗𝗡𝗦 𝗧𝗿𝗮𝗳𝗳𝗶𝗰 𝗼𝗻 𝗪𝗶𝗻𝗱𝗼𝘄𝘀 𝟭𝟭 𝘄𝗶𝘁𝗵 𝗖𝗹𝗼𝘂𝗱𝗳𝗹𝗮𝗿𝗲 𝗳𝗼𝗿 𝗙𝗮𝗺𝗶𝗹𝗶𝗲𝘀</p><p>𝖫𝖾𝖺𝗋𝗇 𝗁𝗈𝗐 𝗍𝗈 𝗌𝖾𝖼𝗎𝗋𝖾 𝖣𝖭𝖲 𝗍𝗋𝖺𝖿𝖿𝗂𝖼 𝗈𝗇 𝖶𝗂𝗇𝖽𝗈𝗐𝗌 𝟣𝟣 𝗎𝗌𝗂𝗇𝗀 𝖢𝗅𝗈𝗎𝖽𝖿𝗅𝖺𝗋𝖾 𝖿𝗈𝗋 𝖥𝖺𝗆𝗂𝗅𝗂𝖾𝗌. 𝖥𝗈𝗅𝗅𝗈𝗐 𝗌𝗍𝖾𝗉-𝖻𝗒-𝗌𝗍𝖾𝗉 𝗂𝗇𝗌𝗍𝗋𝗎𝖼𝗍𝗂𝗈𝗇𝗌 𝗍𝗈 𝖾𝗇𝖺𝖻𝗅𝖾 𝖾𝗇𝖼𝗋𝗒𝗉𝗍𝖾𝖽 𝖣𝖭𝖲 𝖺𝗇𝖽 𝖻𝗅𝗈𝖼𝗄 𝗆𝖺𝗅𝗐𝖺𝗋𝖾 𝗈𝗋 𝖺𝖽𝗎𝗅𝗍 𝖼𝗈𝗇𝗍𝖾𝗇𝗍. 𝖨𝗆𝗉𝗋𝗈𝗏𝖾 𝗇𝖾𝗍𝗐𝗈𝗋𝗄 𝗌𝖾𝖼𝗎𝗋𝗂𝗍𝗒 𝗐𝗂𝗍𝗁𝗈𝗎𝗍 𝗂𝗇𝗌𝗍𝖺𝗅𝗅𝗂𝗇𝗀 𝖾𝗑𝗍𝗋𝖺 𝗌𝗈𝖿𝗍𝗐𝖺𝗋𝖾. 𝖯𝖾𝗋𝖿𝖾𝖼𝗍 𝖿𝗈𝗋 𝗁𝗈𝗆𝖾 𝗈𝗋 𝗐𝗈𝗋𝗄𝗉𝗅𝖺𝖼𝖾 𝗌𝖾𝗍𝗎𝗉𝗌!</p><p><a href="https://dariusz.wieckiewicz.org/en/securing-dns-traffic-on-windows-11-with-cloudflare-for-families/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dariusz.wieckiewicz.org/en/sec</span><span class="invisible">uring-dns-traffic-on-windows-11-with-cloudflare-for-families/</span></a></p><p><a href="https://seocommunity.social/tags/Windows11" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows11</span></a><br><a href="https://seocommunity.social/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a><br><a href="https://seocommunity.social/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cloudflare</span></a></p>
Mika<p>Bruh I'm still so confused about this - can any <a href="https://sakurajima.social/tags/networking" rel="nofollow noopener noreferrer" target="_blank">#networking</a> people or anyone with <a href="https://sakurajima.social/tags/PiHole" rel="nofollow noopener noreferrer" target="_blank">#PiHole</a>/<a href="https://sakurajima.social/tags/Pi-hole" rel="nofollow noopener noreferrer" target="_blank">#Pi-hole</a><span> experience chime in and tell if my goal is privacy, and if I were to prioritise one, it'd be better privacy against my ISP, what should I use on my Pi-hole DNS server?<br><br>- </span><a href="https://sakurajima.social/tags/Unbound" rel="nofollow noopener noreferrer" target="_blank">#Unbound</a><span> as a recursive DNS server<br>- Enable </span><a href="https://sakurajima.social/tags/DNS-Over-TLS" rel="nofollow noopener noreferrer" target="_blank">#DNS-Over-TLS</a> (<a href="https://sakurajima.social/tags/DoT" rel="nofollow noopener noreferrer" target="_blank">#DoT</a>) using Unbound and upstream DNS provider set to something like <a href="https://sakurajima.social/tags/Cloudflare" rel="nofollow noopener noreferrer" target="_blank">#Cloudflare</a><span><br>- or Enable </span><a href="https://sakurajima.social/tags/DNS-Over-HTTPS" rel="nofollow noopener noreferrer" target="_blank">#DNS-Over-HTTPS</a> (<a href="https://sakurajima.social/tags/DoH" rel="nofollow noopener noreferrer" target="_blank">#DoH</a>) using <a href="https://sakurajima.social/tags/Cloudflared" rel="nofollow noopener noreferrer" target="_blank">#Cloudflared</a><span><br><br>I initially thought you could have Pi-hole be all three but I don't think so, no?</span></p>
:mima_rule: Mima-sama<p>Man, if <a href="https://makai.chaotic.ninja/tags/DNSoverHTTPS" rel="nofollow noopener noreferrer" target="_blank">#DNSoverHTTPS</a> is just this simple... :sagume_think:<span><br><br></span><a href="http://mima.localghost.org/dns/chaotic.ninja/AAAA" rel="nofollow noopener noreferrer" target="_blank">http://mima.localghost.org/dns/chaotic.ninja/AAAA</a><span><br></span></p><pre><code>#!/bin/sh
if [ $REQUEST_METHOD == "GET" ]
then
DNS_DOMAIN=$(echo "$QUERY_STRING" |
sed -n 's/^.*domain=\([^&]*\).*$/\1/p' |
sed "s/%20/ /g")
DNS_TYPE=$(echo "$QUERY_STRING" |
sed -n 's/^.*type=\([^&]*\).*$/\1/p' |
sed "s/%20/ /g")
[ -z $DNS_TYPE ] && DNS_TYPE=A
if [ -d "$DNS_DOMAIN" ]
then
DNS_STATUS="NOERROR"
LOCAL_REC="$DNS_DOMAIN/$DNS_TYPE"
[ -e "$LOCAL_REC" ] && DNS_REC=$(cat "$LOCAL_REC")
else
DIG_RESPONSE=$(dig +noall +answer +comments "$DNS_DOMAIN" "$DNS_TYPE")
DNS_STATUS=$(echo "$DIG_RESPONSE" | grep status | cut -d ':' -f 3 | cut -w -f 2 | cut -d ',' -f 1)
if [ $DNS_STATUS == "NOERROR" ]
then
DNS_ANSWER=$(echo "$DIG_RESPONSE" | grep IN)
DNS_REC=$(echo "$DNS_ANSWER" | cut -w -f 5-)
DNS_TTL=$(echo "$DNS_ANSWER" | cut -w -f 2)
fi
fi
fi
httpstatus()
{
case $1 in
200) httpsemantic="OK";;
404) httpsemantic="Not Found";;
esac
printf "HTTP/1.0 $1 $httpsemantic\r\n"
echo "Status: $1 $httpsemantic"
}
case $DNS_STATUS in
"NOERROR")
if [ ! -z "$DNS_REC" ]
then
httpstatus 200
echo "Cache-Control: private, max-age=$DNS_TTL"
ANSWER="$DNS_REC"
else
httpstatus 404
ANSWER="NOERROR, but no $DNS_TYPE record"
fi
;;
"NXDOMAIN")
httpstatus 404
ANSWER="$DNS_STATUS"
;;
esac
echo "Content-Type: text/plain"
echo
echo "$ANSWER"</code></pre><span><br>With the following </span><a href="https://makai.chaotic.ninja/tags/nginx" rel="nofollow noopener noreferrer" target="_blank">#nginx</a> directives too assuming you got a <a href="https://makai.chaotic.ninja/tags/fastcgi" rel="nofollow noopener noreferrer" target="_blank">#fastcgi</a><span> set up already:<br></span><pre><code>upstream dohexperiment {
server 127.0.0.1:80;
}
[...]
location ~ /dns/(.*)/(.*)$ {
proxy_pass http://dohexperiment/dns/index.cgi?domain=$1&type=$2;
}
location ~ /dns/(.*[^\/])$ {
proxy_pass http://dohexperiment/dns/index.cgi?domain=$1;
}</code></pre><span><br></span><a href="https://makai.chaotic.ninja/tags/DNS" rel="nofollow noopener noreferrer" target="_blank">#DNS</a> <a href="https://makai.chaotic.ninja/tags/HTTP" rel="nofollow noopener noreferrer" target="_blank">#HTTP</a> <a href="https://makai.chaotic.ninja/tags/REST" rel="nofollow noopener noreferrer" target="_blank">#REST</a><span><br><br>RE: </span><a href="https://makai.chaotic.ninja/notes/9vyxx3nwty" rel="nofollow noopener noreferrer" target="_blank">https://makai.chaotic.ninja/notes/9vyxx3nwty</a><p></p>
Mauricio Teixeira 🇺🇸🇧🇷<p>I wrote a very basic <a href="https://hachyderm.io/tags/Ansible" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ansible</span></a> playbook to help people set up <a href="https://hachyderm.io/tags/PiHole" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PiHole</span></a> with <a href="https://hachyderm.io/tags/DNSOverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSOverHTTPS</span></a> (<a href="https://hachyderm.io/tags/DoH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoH</span></a>) directly installed on a Debian-based host (Raspberry Pi or small VM). It's available on my GitHub repo. I hope you find it useful! <a href="https://hachyderm.io/tags/HomeLab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HomeLab</span></a> <a href="https://hachyderm.io/tags/SelfHosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHosted</span></a><br><a href="https://github.com/badnetmask/miscelaneous/tree/main/ansible/pihole-doh" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/badnetmask/miscelan</span><span class="invisible">eous/tree/main/ansible/pihole-doh</span></a></p>
Ciourte Piaille<p>There should be a way to fill in a secondary server for DNS over HTTPS providers in Firefox.<br><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1563404" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">bugzilla.mozilla.org/show_bug.</span><span class="invisible">cgi?id=1563404</span></a></p><p><a href="https://piaille.fr/tags/Firefox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Firefox</span></a> <a href="https://piaille.fr/tags/DoH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoH</span></a> <a href="https://piaille.fr/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> <a href="https://piaille.fr/tags/missingFeature" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>missingFeature</span></a></p>
Tarnkappe.info<p>📬 Proxy-Trojaner für macOS verbirgt sich in gecrackter Software<br><a href="https://social.tchncs.de/tags/Cyberangriffe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyberangriffe</span></a> <a href="https://social.tchncs.de/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.tchncs.de/tags/Szene" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Szene</span></a> <a href="https://social.tchncs.de/tags/CommandandControlServer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CommandandControlServer</span></a> <a href="https://social.tchncs.de/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> <a href="https://social.tchncs.de/tags/KasperskyLab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KasperskyLab</span></a> <a href="https://social.tchncs.de/tags/PKGInstallationsprogramm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PKGInstallationsprogramm</span></a> <a href="https://social.tchncs.de/tags/proxytrojaner" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proxytrojaner</span></a> <a href="https://social.tchncs.de/tags/proxyserver" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proxyserver</span></a> <a href="https://social.tchncs.de/tags/SergeyPuzan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SergeyPuzan</span></a> <a href="https://social.tchncs.de/tags/WebSocket" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebSocket</span></a> <a href="https://tarnkappe.info/artikel/it-sicherheit/malware/proxy-trojaner-fuer-macos-verbirgt-sich-in-gecrackter-software-284338.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tarnkappe.info/artikel/it-sich</span><span class="invisible">erheit/malware/proxy-trojaner-fuer-macos-verbirgt-sich-in-gecrackter-software-284338.html</span></a></p>
Matthew Gall<p>Just open sourced my new (experimental) DNS-over-HTTPs proxy, that distributes queries to upstream resolvers so that no provider has enough query data to attribute to a person.</p><p><a href="https://matthewgall.codes/matthew/doh-proxy" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">matthewgall.codes/matthew/doh-</span><span class="invisible">proxy</span></a></p><p>Or try it now by setting your browser to use <a href="https://freedom.mydns.network/dns-query" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">freedom.mydns.network/dns-quer</span><span class="invisible">y</span></a> (no logs, no filters) or for more paranoia, <a href="https://paranoia.mydns.network/dns-query" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">paranoia.mydns.network/dns-que</span><span class="invisible">ry</span></a> (no logs, no filters, no use of Google or Cloudflare upstreams)</p><p><a href="https://social.gall.family/tags/doh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>doh</span></a> <a href="https://social.gall.family/tags/oss" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>oss</span></a> <a href="https://social.gall.family/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://social.gall.family/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://social.gall.family/tags/opsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opsec</span></a> <a href="https://social.gall.family/tags/dnsoverhttps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dnsoverhttps</span></a> <a href="https://social.gall.family/tags/dns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dns</span></a></p>
ocdtrekkie<p>Days since DNS-over-HTTPS (DoH) silently screwed with me and caused me irritation: 0</p><p>(Obviously, days since it was DNS is also now also 0.)</p><p>My Windows machines all disable DoH in Firefox by policy, but apparently my Linux machine started to silently start using it and broke my stuff.</p><p><a href="https://mastodon.social/tags/doh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>doh</span></a> <a href="https://mastodon.social/tags/dnsoverhttps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dnsoverhttps</span></a></p>
Tobia Alberti<p>I have updated the <a href="https://hachyderm.io/tags/SecureDNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecureDNS</span></a> chapter of my Good Privacy Practices guide today: <a href="https://preciselyprivate.wordpress.com/good-privacy-practices/#secure-dns" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">preciselyprivate.wordpress.com</span><span class="invisible">/good-privacy-practices/#secure-dns</span></a></p><p>Feedback is welcome 🙂</p><p><a href="https://hachyderm.io/tags/PreciselyPrivate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PreciselyPrivate</span></a> <a href="https://hachyderm.io/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> <a href="https://hachyderm.io/tags/DNSOverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSOverHTTPS</span></a> <a href="https://hachyderm.io/tags/DoH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoH</span></a></p>
John Shaft<p>Bref, Mozilla a activé <a href="https://piaille.fr/tags/EncryptedClientHello" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EncryptedClientHello</span></a> dans <a href="https://piaille.fr/tags/Firefox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Firefox</span></a> 118 , mais uniquement s'il est configuré pour utiliser <a href="https://piaille.fr/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a>.</p><p>Y en dans Chrome aussi, a priori avec les mêmes conditions pour en profiter (ça semblerait logique)</p><p><a href="https://www.nextinpact.com/article/72598/mozilla-deploie-encrypted-client-hello-pour-chiffrer-adresses-sites-visites" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">nextinpact.com/article/72598/m</span><span class="invisible">ozilla-deploie-encrypted-client-hello-pour-chiffrer-adresses-sites-visites</span></a></p>
MattPounsett<p>When <a href="https://fosstodon.org/tags/DoH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoH</span></a> was being standardized, many of us warned the browser vendors pushing the technology that they were trading a minor improvement in users’ privacy (over technologies like <a href="https://fosstodon.org/tags/DoT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoT</span></a>) for a major decrease in user security. And, well… here we are…</p><p><a href="https://www.bleepingcomputer.com/news/security/chinese-hackers-use-dns-over-https-for-linux-malware-communication/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/chinese-hackers-use-dns-over-https-for-linux-malware-communication/</span></a></p><p><a href="https://fosstodon.org/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> <a href="https://fosstodon.org/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> <a href="https://fosstodon.org/tags/DNSoverTLS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverTLS</span></a> <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a></p>
Kevin Karhan :verified:<p><span class="h-card"><a href="https://catgirl.is/@me" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>me</span></a></span> <span class="h-card"><a href="https://infosec.exchange/@BleepingComputer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>BleepingComputer</span></a></span> that is a very serious and valid question that <span class="h-card"><a href="https://mozilla.social/@mozilla" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mozilla</span></a></span> <span class="h-card"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> need to answer.</p><p>Espechally since <a href="https://mstdn.social/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> can be abused to <a href="https://mstdn.social/tags/leak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>leak</span></a> shit if misconfigured.</p><p>I disabled <a href="https://mstdn.social/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> since I have my stuff in my network secured...</p>
John Shaft<p>J'ai testé 5 minutes Windows 11 dans une VM VirtualBox pour essayer de voir comment y configurer <a href="https://piaille.fr/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> à l'échelle du système :<br>- Ça rame comme pas permis<br>- Impossible de d'améliorer ça (je pense que c'est la transparence qui fait ramer, mais faut une licence pour désactiver)<br>- Impossible de monter la résolution à plus de 1280×960 (licence toussa)<br>- Système en français, clavier en QWERTY, parce que<br>- Trouvé les paramètres DoH : marche pas, prend pas en compte les modifs</p><p>VM effacée</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload