Alphane Moon@lemmy.world to Technology@lemmy.worldEnglish · 26 days agoAn ad giant wants to control your next TV’s OSarstechnica.comexternal-linkmessage-square121fedilinkarrow-up1301arrow-down13cross-posted to: news@lemmy.linuxuserspace.showtechnology@lemmy.ziphardware@lemmy.world
arrow-up1298arrow-down1external-linkAn ad giant wants to control your next TV’s OSarstechnica.comAlphane Moon@lemmy.world to Technology@lemmy.worldEnglish · 26 days agomessage-square121fedilinkcross-posted to: news@lemmy.linuxuserspace.showtechnology@lemmy.ziphardware@lemmy.world
minus-squareSaik0@lemmy.saik0.comlinkfedilinkEnglisharrow-up28arrow-down1·edit-226 days agoBlock all port 53 traffic from your network outside of your DNS server/pihole itself. Block all known DoH servers. If you want to get REALLY fancy you can write a NAT rule that will force any outgoing request on port 53 to route to your dns/pihole. I do all of this. It’s actually funny to see the requests that were hardcoded to go somewhere. Giant fuck you to those companies.
minus-squareSaik0@lemmy.saik0.comlinkfedilinkEnglisharrow-up3arrow-down1·25 days agoYes. But there are lists of well known IPs that are serving DoH. So you can just block those. Obviously blocking 443 is not a good idea.
minus-squareGoun@lemmy.mllinkfedilinkEnglisharrow-up1·25 days agoDamn, never digged into that I thought blocking the DNS port would be enough, thanks for the information.
Block all port 53 traffic from your network outside of your DNS server/pihole itself.
Block all known DoH servers.
If you want to get REALLY fancy you can write a NAT rule that will force any outgoing request on port 53 to route to your dns/pihole.
I do all of this. It’s actually funny to see the requests that were hardcoded to go somewhere. Giant fuck you to those companies.
Do DoH requests go though 443?
Yes. But there are lists of well known IPs that are serving DoH. So you can just block those. Obviously blocking 443 is not a good idea.
Damn, never digged into that I thought blocking the DNS port would be enough, thanks for the information.