DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol.
Questions tagged [doh]
15 questions
25
votes
5 answers
Why is DNS-over-HTTPS such a big security nightmare compared to DNS-over-TLS?
I've heard the argument against DNS-over-HTTPS that it is supposed to be a security nightmare for network defenders because it enables encrypted DNS over port 443, compared to DNS-over-TLS which goes through port 853.
I don't understand this…
hilltothesouth
- 417
- 4
- 9
8
votes
1 answer
What does using Cloudflares WARP app offer that HTTPS (websites) alongside DNS over HTTPS / TLS doesn't?
Intoduction to Cloudflare WARP
I’ve been looking at Cloudflares WARP app for mobile. It claims to be a VPN but without some of the IP hiding anonymity features normal VPNS have: “Under the covers, WARP acts as a VPN. But now in the 1.1.1.1 App, if…
SneakyShrike
- 183
- 1
- 5
4
votes
3 answers
Why are DNS requests visible with DNS over HTTPS enabled?
So, Firefox 73 rolled out today and with it comes a new DNS option called NextDNS. I thought of giving it a shot and clicked "Enable DNS over HTTPS" and selected NextDNS.
Now, my understanding of HTTPS is that it encrypts the traffic (to provide…
7_R3X
- 606
- 3
- 12
- 25
3
votes
1 answer
What does DNS-over-HTTPS actually do?
I don't mean a technical breakdown of how the technology works but what does it do for me, the end user. For instance, does it prevent my ISP or network admin from seeing/logging the sites I connect to similar to how HTTPS prevents them from seeing…
Frank
- 41
- 1
2
votes
0 answers
using DoH/DoT with your ISP?
Is there a point to using DoT or DoH while your DNS is your ISP from a security (not privacy) standpoint?
Assuming I trust my home network, could there be something along the way between my ISP and me that MitM (or some other attack?) me?
If this is…
Nullman
- 215
- 1
- 6
1
vote
1 answer
Why is someone requesting /doh/family-filter and similar paths?
Recently our server logs have been showing lots of requests to urls like the following:
https://*.example.com/doh/family-filter
and
https://*.example.com/doh?dns=DUIBAAABAAAAA...
(with our domain instead of example.com)
I noticed that some of the…
djvg
- 443
- 5
- 10
1
vote
2 answers
Relationship between DoT / DoH and HTTPS
I'm trying to understand the different roles that DoT / DoH and HTTPS are playing when it comes to protecting sensitive data in the internet. I spend the day reading a lot of stuff about DoT, HTTPS, TCP and IP.
But there is one thing that doesn't…
mu88
- 125
- 6
1
vote
1 answer
Privatebin URL/key interception?
I'm trying to figure out if it's possible while listening to the network to read URLs from the traffic.
Since privatebin uses the encryption key in the URL, what process could be in use to prevent spies to see the full URL?
I opened wireshark and…
Ozwel
- 161
- 7
1
vote
2 answers
What does using a VPN offers over HTTPS + DoH in terms of protection?
What are the security risks that someone using HTTPS (everywhere) + DoH is vulnerable to, comparing to someone using a "trusted" VPN?
Luis Vasconcellos
- 113
- 6
1
vote
1 answer
How do DoT and DoH facilitate fingerprinting by resolver operators?
https://dnscrypt.info/faq/ states for both DNS over HTTPS and DNS over TLS that it
Provides more information than regular DNS to resolver operators in order to fingerprint clients
How so?
lucidbrot
- 135
- 1
- 6
1
vote
1 answer
Can I intercept DNS-over-HTTPS (DoH) or -TLS (DoT) in my home network?
Right now I am redirecting all local network DNS traffic to my Pi-hole install, since some device do or may in the future use hardcoded DNS servers to bypass filtering.
Since DNS-over-HTTPS and DNS-over-TLS are becoming more common, I would like to…
FarO
- 313
- 2
- 7
0
votes
0 answers
How can I add secure DNS (DoH) to Windows settings before Windows makes any connections to the Internet during installation?
Is there a way I can add DNS over HTTPS details to Windows settings before it makes the first connection to the Internet during installation? I'm using the latest version of Windows 11.
Either by pressing Shift + F10 during boot process when…
lina
- 1
0
votes
2 answers
What's the use of encrypted DNS when ISP can see the IP address of the website?
I use an encrypted DNS server that supports DNSSEC and DoH, these features are useful for hiding from the ISP, VPN server provider etc. which website you are trying to look up, but eventually those parties will know which website you looked up and…
user279925
0
votes
1 answer
What happens if both DoH and DoT are enabled?
If I have DNS over HTTPS and DNS over TLS activated simultaneously (router has DoT activated and smartphone browser has DoH activated, so I see on https://1.1.1.1/help DoH: yes and DoT: yes), which one is used?
iwab
- 71
- 2
0
votes
0 answers
DNS over HTTPS (DoH)
DNS over HTTPS aims to increase user privacy and security by
preventing eavesdropping and manipulation of DNS data using the HTTPS
protocol to encrypt the data between the client and the DoH based DNS
resolver.
source
If a client uses DoH and…
user215422
- 75
- 1
- 1
- 7