by caymanjim 640 days ago
This does nothing to stop anything intentionally circumventing your DNS settings. There's no reason DNS traffic has to be on port 53, and DoH is undetectable.

>This does nothing to stop anything intentionally circumventing your DNS settings.

It makes it substantially more difficult. My firewall statistics are proof of that. On a production network you'd have everything blocked.