this post was submitted on 22 Jul 2023
17 points (94.7% liked)

Privacy

32167 readers
340 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hi guys

I setup Pihole + unbound + PiVPN. Could I setup unbound as DoH server?

top 4 comments
sorted by: hot top controversial new old
[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

Not sure what you mean by setting unbound as a DoH server. You mean to query unbound through DoH? Wouldn't you prefer to query you PiHole instead (which will query unbound)?

Anyway, the best way to do this is using Adguard's dnsproxy: it proxies calls to any DNS server. (self plug: I made a Docker container for dnsproxy)

[–] badgrandpa 1 points 1 year ago (2 children)

ok is Pihole + unbound protects me from ISP seeing my queries, and MIM attacks?

[–] [email protected] 3 points 1 year ago
[–] [email protected] 1 points 1 year ago

Unless your ISP does Deep Packet Inspection (DPI), your ISP should not be able to see your DNS queries since you won't be querying their DNS server anymore, but the authoritative servers. Maybe you can protect yourself from DPI by setting up unbound to query the authoritative servers using DoT or DoH (though I don't know how).

As for MIM attacks, I don't have enough knowledge to answer.

load more comments
view more: next ›