Alphane Moon@lemmy.world to Technology@lemmy.worldEnglish · 1 month agoAn ad giant wants to control your next TV’s OSarstechnica.comexternal-linkmessage-square121fedilinkarrow-up1301arrow-down13cross-posted to: news@lemmy.linuxuserspace.showtechnology@lemmy.ziphardware@lemmy.world
arrow-up1298arrow-down1external-linkAn ad giant wants to control your next TV’s OSarstechnica.comAlphane Moon@lemmy.world to Technology@lemmy.worldEnglish · 1 month agomessage-square121fedilinkcross-posted to: news@lemmy.linuxuserspace.showtechnology@lemmy.ziphardware@lemmy.world
minus-squareSaik0@lemmy.saik0.comlinkfedilinkEnglisharrow-up28arrow-down1·edit-21 month agoBlock all port 53 traffic from your network outside of your DNS server/pihole itself. Block all known DoH servers. If you want to get REALLY fancy you can write a NAT rule that will force any outgoing request on port 53 to route to your dns/pihole. I do all of this. It’s actually funny to see the requests that were hardcoded to go somewhere. Giant fuck you to those companies.
minus-squareSaik0@lemmy.saik0.comlinkfedilinkEnglisharrow-up3arrow-down1·1 month agoYes. But there are lists of well known IPs that are serving DoH. So you can just block those. Obviously blocking 443 is not a good idea.
minus-squareGoun@lemmy.mllinkfedilinkEnglisharrow-up1·1 month agoDamn, never digged into that I thought blocking the DNS port would be enough, thanks for the information.
Block all port 53 traffic from your network outside of your DNS server/pihole itself.
Block all known DoH servers.
If you want to get REALLY fancy you can write a NAT rule that will force any outgoing request on port 53 to route to your dns/pihole.
I do all of this. It’s actually funny to see the requests that were hardcoded to go somewhere. Giant fuck you to those companies.
Do DoH requests go though 443?
Yes. But there are lists of well known IPs that are serving DoH. So you can just block those. Obviously blocking 443 is not a good idea.
Damn, never digged into that I thought blocking the DNS port would be enough, thanks for the information.