by ComputerGuru 1024 days ago
DNS is really easy to redirect (at the firewall level) since it goes over UDP. The growing problem is DNS over HTTPS, which uses certificates and TCP and is much harder to redirect (without setting up a MITM and distributing the CA to all devices). Fortunately just blocking the DoH domains at the DNS level works, but unlike the global UDP port 53 redirect, it’s a cat-and-mouse game.
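The two controls the comment describes, as an added example that is not part of the comment: one function renders an nftables ruleset that transparently redirects all plain DNS (UDP and TCP port 53) from the LAN to the gateway's own resolver, and another renders a dnsmasq fragment that sinkholes a list of DoH endpoint hostnames so clients cannot bootstrap DoH by name. The interface name, resolver address and hostname list are placeholders/constructed input; the resolver is assumed to be dnsmasq.

```shell
#!/bin/sh
# Added example: generate firewall + resolver configuration for forcing LAN
# clients onto a local DNS resolver. Nothing here is applied; the functions
# only print configuration text for review.

# $1 = LAN interface (placeholder), $2 = IP of the local resolver (placeholder)
render_nft_dns_redirect() {
  iface=$1
  resolver=$2
  cat <<EOF
table inet dnsguard {
  chain prerouting {
    type nat hook prerouting priority dstnat; policy accept;
    # Plain DNS to any destination is rewritten to the local resolver.
    # Queries the gateway itself originates use the output hook, so no loop.
    iifname "$iface" meta l4proto { tcp, udp } th dport 53 dnat ip to $resolver:53
  }
}
EOF
}

# Each argument is a DoH endpoint hostname; dnsmasq answers it with 0.0.0.0,
# so a client that tries to switch to DoH cannot resolve the endpoint.
# This list must be curated over time (the cat-and-mouse part).
render_dnsmasq_doh_block() {
  for host in "$@"; do
    printf 'address=/%s/0.0.0.0\n' "$host"
  done
}

# Usage: print both fragments for a constructed LAN and a constructed
# list of well-known public DoH hostnames (adjust to your own policy).
render_nft_dns_redirect "${LAN_IF:-eth1}" "${RESOLVER:-192.168.1.1}"
render_dnsmasq_doh_block dns.google cloudflare-dns.com dns.quad9.net
```

Load the first fragment with `nft -f` and drop the second into `/etc/dnsmasq.d/`; clients that hard-code a DoH IP rather than a hostname are not covered by the second control.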