DNS Encryption explained - DNS over TLS (DoT) & DNS over HTTPS (DoH)

preview_player
Показать описание
I'll explain what DNS encryption is about. How does it technically work, why should we all care about, and which role does it play in the IT industry?

Follow me:

Timestamps:

00:00 - Introduction
01:14 What is DNS encryption and why do we need it?
02:48 How do DNS requests work?
04:21 DNS over TLS
07:06 DNS over HTTPS (DoH)
09:34 Concerns with DoH implementation

________________
All links with "*" are affiliate links.
  1. Christian Lempa
  2. networking
  3. dns
  4. dns over tls
  5. dns encryption
  6. domain name system
Рекомендации по теме
DNS Encryption explained 0:12:21

DNS Encryption explained - DNS over TLS (DoT) & DNS over HTTPS (DoH)

Why Secure DNS 0:05:51

Why Secure DNS is Important

Encrypt Your DNS 0:11:37

Encrypt Your DNS (STOP Your ISP SNOOPING!)

Secure your DNS 0:13:15

Secure your DNS Queries with Encrypted DNS

What is DNS 0:07:12

What is DNS Hijacking - How to Protect Yourself?

DNS over HTTPS 0:02:16

DNS over HTTPS in 2 Minutes

DNS as Fast 0:05:43

DNS as Fast As Possible

How DNS Works 0:08:04

How DNS Works - Computerphile

Best Encrypted DNS 0:06:31

Best Encrypted DNS in 2023? USE THIS COMBO!

Which Is The 0:12:08

Which Is The Best DNS for Secure Browsing: CloudFlare, Quad9, NextDNS, and AdGuard DNS

Encrypted DNS (Sept 1:01:43

Encrypted DNS (Sept 2020 update)

Bypassing Firewalls with 0:09:00

Bypassing Firewalls with DNS Tunnelling (Defence Evasion, Exfiltration and Command & Control)

NDSS 2020 Encrypted 0:25:09

NDSS 2020 Encrypted DNS = Privacy? A Traffic Analysis Perspective

The War for 0:57:19

The War for Control of DNS Encryption | Paul Vixie | WWHF Deadwood 2020 Virtual

Is Encrypted DNS 0:14:28

Is Encrypted DNS Good for Privacy?

Threat Hunting via 0:56:04

Threat Hunting via DNS | SANS@MIC Talk

DNS Demystified: Everything 0:14:03

DNS Demystified: Everything You Should Know for Faster Internet!

How DNS Over 0:09:20

How DNS Over HTTPS & DNS Over TLS Help to Prevent DNS Spoofing

Encrypt your DNS 0:05:06

Encrypt your DNS requests using DNS-over-TLS in Linux

DNS over TLS 0:03:32

DNS over TLS - the most secure protocol for encrypting DNS in Linux

Enable This Setting 0:16:38

Enable This Setting on EVERY Web Browser

Let's Encrypt Explained: 0:15:04

Let's Encrypt Explained: Free SSL

Encrypting DNS - 2:11:42

Encrypting DNS - Security Now 723

What are CNAME 0:03:54

What are CNAME records? (and how they compare to DNS A records)

Комментарии
Автор

This channel is very helpful for DevOps.

jojimerc
Автор

Perfect Content and clear explanation! Kudos to you!
Please make more of this kinds of technical/conceptual videos related to security topics which are a great help for other IT/Network enthusiastic individuals such as myself!

mohsen
Автор

Very interesting topic! New to your channel!

mrd
Автор

Awesome content, had been banging my head on such concepts. Request you to explain how to capture the data via Wireshark.

goks
Автор

Very helpful and makes learning easy. I watched it twice to digest all details well.

zeytee
Автор

So so you recommend IPS DNS or CloudFlare DNS over HTPPS? Great video btw

GamesOfficialYouTube
Автор

Centralized or De-Centralized, that's the question too :), thanks for the nice video

payambakhshi
Автор

Thank you for your video. I have a question what do you think would be faster DoH or DoT?

markpelayo
Автор

Thanks for the knowledge. So these techniques still need to be supported by the hosters/sites to make it fully encrypted?
I am just wondering if its really better to send the dns query via cloud based providers instead of „trusting/rely“ on your ISP. Probably depends on the country and their laws

aeroxx
Автор

very good. demoing with wireshark was very useful. thank you and please keep making videos like this.

mario_vasquez_
Автор

1:51 You mean they can see just SNI right as protocol will be SSL

nands
Автор

I want to see the configuration you did for stubby.yml file. Could you please share?

alimahaboob
Автор

Can zone transfers also be done the same?

bysl
Автор

How these settings are turned on..?
(Using DNS over WARP)

dilipdilipjohn
Автор

Do you have a tutorial on how to set it up on named?

beydoin
Автор

How does the performance impact look here? DNS under 512 bytes is a UDP query, super fast. Most machines cache the results locally, but resolvers usually don't cache. They may have to take more burden of responding to users queries by encrypting, decrypting, additional payload etc.,
Also I'm not sure if bind daemon supports these protocols as it's widely used.

harshavmb
Автор

6:20 im not getting a response from stubby, it stays stuck on "Starting DAEMON..." anyone got an idea why this might be happening to me?

NumberVaderfan
Автор

How can I to config on bind9 fowarders?

gugaucb
Автор

if you are using a VPN does it matter ?

sshadyh
Автор

Greeting, hope help me.
1- i set my machine network(i donot do any change for router only change my machine) to use "1.0.0.2 & 1.1.1.2" as dns server, they belong to cloudfloar.

2- is that mean all my machine dns quire encrypted (dns over https)?

3- when i go to cloudfloar test page the results was i do not use dns over https. Also when activate the dns over https in Firefox the results was "we do not know if you use dns over https or not".

4- there's any steps i should do beside set machine network to use clodfloar dns server, to be sure i use dns over https?

Thanks in advance

Mohamed-scso