Highest Voted 'doh' Questions - IT Security Stack Exchange

25

votes

5 answers

Why is DNS-over-HTTPS such a big security nightmare compared to DNS-over-TLS?

I've heard the argument against DNS-over-HTTPS that it is supposed to be a security nightmare for network defenders because it enables encrypted DNS over port 443, compared to DNS-over-TLS which goes through port 853. I don't understand this…

asked Aug 06 '20 at 07:08

hilltothesouth

417
4
9

8

votes

1 answer

What does using Cloudflares WARP app offer that HTTPS (websites) alongside DNS over HTTPS / TLS doesn't?

Intoduction to Cloudflare WARP I’ve been looking at Cloudflares WARP app for mobile. It claims to be a VPN but without some of the IP hiding anonymity features normal VPNS have: “Under the covers, WARP acts as a VPN. But now in the 1.1.1.1 App, if…

encryption tls cloudflare doh dot

asked Sep 20 '20 at 12:47

SneakyShrike

183
1
5

4

votes

3 answers

Why are DNS requests visible with DNS over HTTPS enabled?

So, Firefox 73 rolled out today and with it comes a new DNS option called NextDNS. I thought of giving it a shot and clicked "Enable DNS over HTTPS" and selected NextDNS. Now, my understanding of HTTPS is that it encrypts the traffic (to provide…

tls dns doh

asked Feb 12 '20 at 18:56

7_R3X

606
3
12
25

3

votes

1 answer

What does DNS-over-HTTPS actually do?

I don't mean a technical breakdown of how the technology works but what does it do for me, the end user. For instance, does it prevent my ISP or network admin from seeing/logging the sites I connect to similar to how HTTPS prevents them from seeing…

doh

asked Feb 27 '20 at 23:57

Frank

41
1

2

votes

0 answers

using DoH/DoT with your ISP?

Is there a point to using DoT or DoH while your DNS is your ISP from a security (not privacy) standpoint? Assuming I trust my home network, could there be something along the way between my ISP and me that MitM (or some other attack?) me? If this is…

dns doh dot

asked Aug 25 '21 at 14:46

Nullman

215
1
6

1

vote

1 answer

Why is someone requesting /doh/family-filter and similar paths?

Recently our server logs have been showing lots of requests to urls like the following: https://*.example.com/doh/family-filter and https://*.example.com/doh?dns=DUIBAAABAAAAA... (with our domain instead of example.com) I noticed that some of the…

doh

asked Mar 22 '22 at 12:46

djvg

443
5
10

1

vote

2 answers

Relationship between DoT / DoH and HTTPS

I'm trying to understand the different roles that DoT / DoH and HTTPS are playing when it comes to protecting sensitive data in the internet. I spend the day reading a lot of stuff about DoT, HTTPS, TCP and IP. But there is one thing that doesn't…

tls dns ip doh dot

asked Apr 10 '21 at 16:26

mu88

125
6

1

vote

1 answer

Privatebin URL/key interception?

I'm trying to figure out if it's possible while listening to the network to read URLs from the traffic. Since privatebin uses the encryption key in the URL, what process could be in use to prevent spies to see the full URL? I opened wireshark and…

tls doh

asked Feb 09 '21 at 11:24

Ozwel

161
7

1

vote

2 answers

What does using a VPN offers over HTTPS + DoH in terms of protection?

What are the security risks that someone using HTTPS (everywhere) + DoH is vulnerable to, comparing to someone using a "trusted" VPN?

http vpn http-proxy doh

asked Jan 20 '21 at 13:26

Luis Vasconcellos

113
6

1

vote

1 answer

How do DoT and DoH facilitate fingerprinting by resolver operators?

https://dnscrypt.info/faq/ states for both DNS over HTTPS and DNS over TLS that it Provides more information than regular DNS to resolver operators in order to fingerprint clients How so?

dns doh dot

asked Jul 29 '20 at 13:36

lucidbrot

135
1
6

1

vote

1 answer

Can I intercept DNS-over-HTTPS (DoH) or -TLS (DoT) in my home network?

Right now I am redirecting all local network DNS traffic to my Pi-hole install, since some device do or may in the future use hardcoded DNS servers to bypass filtering. Since DNS-over-HTTPS and DNS-over-TLS are becoming more common, I would like to…

dns filtering doh

asked Mar 18 '20 at 09:41

FarO

313
2
7

0

votes

0 answers

How can I add secure DNS (DoH) to Windows settings before Windows makes any connections to the Internet during installation?

Is there a way I can add DNS over HTTPS details to Windows settings before it makes the first connection to the Internet during installation? I'm using the latest version of Windows 11. Either by pressing Shift + F10 during boot process when…

tls dns doh windows-11

asked Sep 22 '22 at 20:50

lina

1

0

votes

2 answers

What's the use of encrypted DNS when ISP can see the IP address of the website?

I use an encrypted DNS server that supports DNSSEC and DoH, these features are useful for hiding from the ISP, VPN server provider etc. which website you are trying to look up, but eventually those parties will know which website you looked up and…

dns isp doh dot

asked Jul 05 '22 at 13:58

user279925

0

votes

1 answer

What happens if both DoH and DoT are enabled?

If I have DNS over HTTPS and DNS over TLS activated simultaneously (router has DoT activated and smartphone browser has DoH activated, so I see on https://1.1.1.1/help DoH: yes and DoT: yes), which one is used?

dns dnssec cloudflare doh dot

asked May 20 '22 at 15:18

iwab

71
2

0

votes

0 answers

DNS over HTTPS (DoH)

DNS over HTTPS aims to increase user privacy and security by preventing eavesdropping and manipulation of DNS data using the HTTPS protocol to encrypt the data between the client and the DoH based DNS resolver. source If a client uses DoH and…

dns doh

asked Oct 17 '20 at 17:37

user215422

75
1
1
7

Questions tagged [doh]