Netgate Discussion Forum

    Doh and chat gpt

    DHCP and DNS
    • tinfoilmatt @tinfoilmatt

      This assumes that the network operator/s or admin/s would continue to maintain full visibility over DNS traffic (in plaintext) on the LAN.

      • JonathanLee @tinfoilmatt

        @tinfoilmatt But they are also making references to command and control over DoH externally, meaning outbound also, right? I mean, internally we could set it up with Unbound; @johnpoz and I talked about this a couple of years ago. It requires some certificates, but outbound has no real catch-all solution, outside of MIME blocking on GET requests. Again, once you do this, Microsoft goes crazy because they have some that they want left alone.

        Make sure to upvote

        • tinfoilmatt @JonathanLee

          @JonathanLee I believe they refer to the fact that malicious actors operating C2 servers are able to conceal LAN activity by designing their malware to query DoH servers under their control. To the LAN operator, this traffic would appear to simply be regular ol' HTTPS (and therefore encrypted) traffic.

          • JonathanLee @tinfoilmatt

            @tinfoilmatt Maybe a containerized instance of something was able to do this.

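The visibility gap discussed in this thread, as an added example that is not part of any post: one heuristic a LAN operator can run is to list outbound TCP/443 flows whose destination IP never appeared in an answer the local resolver gave that client. The log layouts, the one-hour window (a stand-in for record TTLs) and all sample addresses are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the thread). Assumed layouts:
# resolver log = (time, client, queried name, answer IP)
# flow log     = (time, client, destination IP, destination port)
DNS_LOG = [
    ("2025-01-10T09:00:01", "192.168.1.20", "updates.example.com", "203.0.113.10"),
    ("2025-01-10T09:00:05", "192.168.1.21", "mail.example.org", "203.0.113.25"),
]
FLOW_LOG = [
    ("2025-01-10T09:00:02", "192.168.1.20", "203.0.113.10", 443),  # resolved first
    ("2025-01-10T09:00:30", "192.168.1.21", "198.51.100.7", 443),  # never resolved
    ("2025-01-10T09:05:30", "192.168.1.21", "198.51.100.7", 443),  # same, repeated
    ("2025-01-10T09:10:00", "192.168.1.21", "203.0.113.25", 443),  # resolved first
    ("2025-01-10T11:30:00", "192.168.1.20", "203.0.113.10", 443),  # answer too old
]


def unresolved_https(dns_log, flow_log, max_age=timedelta(hours=1)):
    """Return {(client, dst_ip): flow count} for TCP/443 flows that have no
    resolver answer for that client and IP within max_age before the flow."""
    answers = {}  # (client, ip) -> times the resolver handed out that IP
    for ts, client, _name, ip in dns_log:
        answers.setdefault((client, ip), []).append(datetime.fromisoformat(ts))

    hits = {}
    for ts, client, dst, port in flow_log:
        if port != 443:
            continue
        when = datetime.fromisoformat(ts)
        seen = answers.get((client, dst), [])
        # A flow is explained only by an answer given before it, recently enough.
        if not any(timedelta(0) <= when - t <= max_age for t in seen):
            hits[(client, dst)] = hits.get((client, dst), 0) + 1
    return hits


if __name__ == "__main__":
    for (client, dst), n in sorted(unresolved_https(DNS_LOG, FLOW_LOG).items()):
        print(f"{client} -> {dst}:443  {n} flow(s) with no prior local DNS answer")
```

Hits are leads rather than verdicts: hard-coded IPs and long client-side caches produce the same pattern, so repeated flows from one client to one unresolved address are the ones worth a closer look.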
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.