by subwindow 2631 days ago
This has negative implications for security. For instance, one reason why DNS resolvers might block or modify requests is to blacklist domains used for malware operation (botnet C&C domains). Other things like DNS sinkholing and poisoning are also frequently used as tools to disrupt malware communication.

In addition, collection and analysis of below-the-recursive DNS traffic is one of the primary ways in which security researchers discover the infrastructure of botnet networks.

Overall DoH is probably a net positive, but I don't see downsides like this being discussed.

2 comments

You can currently customize the trr address in firefox, so assuming you trust a network box's single HTTPS certificate, it can also run a DoH server.
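An added example, not code from any commenter: the resolver-side sinkhole policy described in the first comment next to the RFC 8484 encoding a DoH client uses, which shows why only the DoH endpoint itself (such as the trusted network box in the comment above) can still apply that policy. The blocklist, sinkhole address and resolver URL are constructed sample values.

```python
"""Sinkhole policy vs. DoH transport (added example, constructed values)."""
import base64
import struct

# Constructed sample blocklist of C&C domains a resolver operator sinkholes.
BLOCKLIST = {"c2.example.net", "bad.example.org"}
SINKHOLE_IP = "10.255.255.1"  # constructed sinkhole address


def resolve_with_policy(qname, upstream):
    """Return (answer, sinkholed). `upstream` maps a name to an IP string.

    The name and each of its parent zones are checked, so a blocklisted
    zone also catches subdomains the malware may rotate through."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in BLOCKLIST:
            return SINKHOLE_IP, True
    return upstream(".".join(labels)), False


def build_dns_query(qname, qtype=1):
    """Wire-format DNS question: id 0 (as RFC 8484 recommends for GET), RD set."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    name = b"".join(bytes([len(l)]) + l.encode("ascii")
                    for l in qname.rstrip(".").split(".")) + b"\x00"
    return header + name + struct.pack("!HH", qtype, 1)


def doh_get_url(resolver_url, qname):
    """RFC 8484 GET form: ?dns=<base64url(wire query)> with padding stripped."""
    b64 = base64.urlsafe_b64encode(build_dns_query(qname)).rstrip(b"=")
    return f"{resolver_url}?dns={b64.decode('ascii')}"


def decode_doh_dns_param(param):
    """What the DoH server (the only party inside the TLS) recovers: the qname."""
    wire = base64.urlsafe_b64decode(param + "=" * (-len(param) % 4))
    i, labels = 12, []          # skip the 12-byte header, walk the labels
    while wire[i]:
        n = wire[i]
        labels.append(wire[i + 1:i + 1 + n].decode("ascii"))
        i += n + 1
    return ".".join(labels)


if __name__ == "__main__":
    # Plain DNS through the local resolver: the policy fires.
    print(resolve_with_policy("www.c2.example.net", lambda n: "203.0.113.5"))
    # Same question over DoH: an on-path resolver sees only an HTTPS URL
    # parameter, and only the DoH endpoint can decode it and apply policy.
    url = doh_get_url("https://doh.example/dns-query", "c2.example.net")
    print(url, decode_doh_dns_param(url.split("dns=")[1]))
```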
> This has negative implications for security.

Yeah, Erdoğan won't be able to block oppositions' web sites. That is a very big threat! /s