Reply to post: Re: not going to work

Microsoft joins Google and Mozilla in adopting DNS over HTTPS data security protocol

dca1

Re: not going to work

DPI is the only true solution but for now I'm doing as you do with 53/853 only allowed by pihole. I also manage a list of ip's on my router that are dropped for 443. The list updates weekly based on resolving the ip's of all the rel="nofollow" links on this page https://github.com/curl/curl/wiki/DNS-over-HTTPS to get me ip's for known DoH servers. It's not ideal, mine also isn't the best implementation (made it when I was just pondering DoH) but it catches enough right now, is more or less zero maintenance and is better than nothing.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020