I would like to suggest to root users this type of solution about DNS:
1. Install magisk module
2. During the installation phase, select the automatic mode with the up arrow when requested
3. Reboot
4. Replace
5. Reboot
6. Test dns at https://dnsleaktest.com/
My
_disable DoH
_require DNSSEC
_require nolog from DNS resolvers
_require no filter from DNS resolvers
_it use securedns.eu, dnscrypt.me (NL/UK)
#dns
1. Install magisk module
DNSCrypt-Proxy 2
2. During the installation phase, select the automatic mode with the up arrow when requested
3. Reboot
4. Replace
.toml
file in the /etc/dnscrypt-proxy
folder5. Reboot
6. Test dns at https://dnsleaktest.com/
My
.toml
has these characteristics:_disable DoH
_require DNSSEC
_require nolog from DNS resolvers
_require no filter from DNS resolvers
_it use securedns.eu, dnscrypt.me (NL/UK)
#dns
Dnsleaktest
DNS leak test
DNSleaktest.com offers a simple test to determine if you DNS requests are being leaked which may represent a critical privacy threat. The test takes only a few seconds and we show you how you can simply fix the problem.
Android (Pie): Configure DNS over TLS (DoT)
From version 9.x (Pie) Android supports the DNS over TLS (DoT) protocol. This means: All DNS requests and answers are transmitted via a TLS secured connection, which is established between your Android and a DNS server. In contrast to unsecured DNS queries via UDP port 53, DoT protects against spying out DNS queries and man-in-the-middle attacks. DoT therefore improves both privacy and security.
Activation of DoT under Android 9:
β Open the system settings and navigate to "Network & Internet" -> "Advanced" -> "Private DNS".
β Choose "hostname of the private DNS provider".
β In the field below, enter the address of the DNS server that supports DoT.
Example:
With
IP:
AFWall+: To make DoT work in combination with AFWall+ you have to allow "(root) - Apps running as root".
Blokada: Only from version 4.x Blokada will support DoT.
NetGuard: Also NetGuard does not support DoT yet.
Note:
This is a global setting and applies to all network interfaces (WLAN, mobile, VPN, etc.). If, for example, you are on the road in your provider's mobile network, you will normally be assigned DNS servers by your provider, which will then answer the DNS queries. If you activate DoT, however, the DNS requests will be processed via the DNS server you have selected - the provider DNS servers will be overwritten.
#Android #Pie #DNS #DoT #TLS #Guide #Kuketz
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
From version 9.x (Pie) Android supports the DNS over TLS (DoT) protocol. This means: All DNS requests and answers are transmitted via a TLS secured connection, which is established between your Android and a DNS server. In contrast to unsecured DNS queries via UDP port 53, DoT protects against spying out DNS queries and man-in-the-middle attacks. DoT therefore improves both privacy and security.
Activation of DoT under Android 9:
β Open the system settings and navigate to "Network & Internet" -> "Advanced" -> "Private DNS".
β Choose "hostname of the private DNS provider".
β In the field below, enter the address of the DNS server that supports DoT.
Example:
dismail.com: fdns1.dismail.com
Then all DNS requests sent by your system will be transmitted via TLS-encrypted connection to the selected DNS server and answered.With
dnsleaktest.com
you can check if the selected DoT server is used. Go to the page and tap Standard Test - if you have chosen the dismail.de DoT server you should see the result:IP:
80.241.218.68
Hostname: dismail.de
Interaction with AFWall+, Blokada and NetGuard:AFWall+: To make DoT work in combination with AFWall+ you have to allow "(root) - Apps running as root".
Blokada: Only from version 4.x Blokada will support DoT.
NetGuard: Also NetGuard does not support DoT yet.
Note:
This is a global setting and applies to all network interfaces (WLAN, mobile, VPN, etc.). If, for example, you are on the road in your provider's mobile network, you will normally be assigned DNS servers by your provider, which will then answer the DNS queries. If you activate DoT, however, the DNS requests will be processed via the DNS server you have selected - the provider DNS servers will be overwritten.
Source and more Info (read in German):https://www.kuketz-blog.de/android-pie-dns-over-tls-dot-einstellen/
#Android #Pie #DNS #DoT #TLS #Guide #Kuketz
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES