
 Time and Maxis started to hijack dns query

Kadaj
post Aug 9 2024, 09:02 AM

On my way
****
Junior Member
584 posts

Joined: Mar 2006
QUOTE(kwss @ Aug 9 2024, 12:11 AM)
Papa said don't try to climb walls. It's bad for you, your family and your kids. Pretty good advice overall.
Big brother don't want you to land in hospital je....
*
If you don't listen to Papa then you're a bad boy, Papa will ask police to arrest you.
Kadaj
post Aug 10 2024, 12:11 AM

QUOTE(kwss @ Aug 9 2024, 09:30 PM)
Did anyone actually MITM or pen test this thing? Given the recent development of TM where they MITM DoH and DoT, the router must absolutely verify the certificate properly.
On Mikrotik, none of this is done!
*
Did you miss anything and cause the DNS leak? Maybe check the firewall rules.
https://youtu.be/w4erB0VzyIE
Kadaj
post Aug 13 2024, 08:51 AM

QUOTE(alpha @ Aug 13 2024, 08:35 AM)
Do we need to install an extra program for Windows or Android in order to use encrypted DNS? Or will simply changing 1.1.1.1 to those with encrypted DNS be enough? And how do we check that the DNS we are using is encrypted?
Sorry, I am a rookie.... TQ
*
There are several ways to do it.

1. Firefox & Chrome web browsers
https://imap.sinarproject.org/news/internet...lic-dns-servers

2. Windows 11
https://www.howtogeek.com/765940/how-to-ena...-on-windows-11/

3. Android
https://blog.cloudflare.com/enable-private-...-android-9-pie/

To test if you're using Cloudflare secure DNS (DoH or DoT):
https://one.one.one.one/help/
https://www.cloudflare.com/ssl/encrypted-sni/
Kadaj
post Aug 13 2024, 09:02 AM

Calling for help collecting data to test for transparent DNS proxies.
https://imap.sinarproject.org/news/guide-on...ent-dns-proxies

If you're not using Linux, you can create a Linux bootable USB drive and run the commands. You can use USB tethering or a Wi-Fi hotspot from a mobile phone to connect to the internet and test your mobile network.
Kadaj
post Aug 13 2024, 09:51 PM

QUOTE(kwss @ Aug 13 2024, 04:53 PM)
From my testing with Celcom (AS10030), all DNS is hijacked, including microsoft.com, lowyat.net, etc. They all resolved via some non-routable IP address.
*
I tested with AS10030 Celcom but it doesn't implement transparent proxy DNS and doesn't block anything.
You can view the reports here:
1.1.1.1:
https://explorer.ooni.org/m/20240813131113....4706209241c200c
8.8.8.8:
https://explorer.ooni.org/m/20240813131135....aa74995ad507bf9
9.9.9.9:
https://explorer.ooni.org/m/20240813131158....27ecfbf61a2bcb0

I tested with XOX, which is an MVNO riding on Celcom.

 
