QUOTE(QuantumEdge @ Aug 9 2024, 02:50 PM)
Lets go, but I think most Tplink router users wont have such luck?
Time and Maxis started to hijack dns query
|
|
 Aug 9 2024, 06:45 PM
Return to original view | Post
#1
|
 
Junior Member
603 posts Joined: Jun 2005  
|
Lets go, but I think most Tplink router users wont have such luck? |
Quote|
|
Aug 9 2024, 09:07 PM
Return to original view | Post
#2
|
|
Junior Member
603 posts Joined: Jun 2005
|
QUOTE(QuantumEdge @ Aug 9 2024, 02:50 PM) Lets go, but I think most Tplink router users wont have such luck?  Let me know if I've configured it correctly. I disabled my ipv6. Thus, I didn't include the ipv6 address. Thanks. |
|
|
Aug 9 2024, 11:17 PM
Return to original view | Post
#3
|
|
Junior Member
603 posts Joined: Jun 2005
|
QUOTE(kwss @ Aug 9 2024, 09:30 PM) Based on my nmap scan, the domain should be: I've set Prevent Client auto DoH to NO. Thanks.dns.adguard.com EDIT: If you connect without SNI it will serve you certificate with dns.adguard.com. With SNI it will serve certificate with dns.adguard-dns.com. So both works. Prevent client auto DoH must be set to off. Otherwise Encrypted Client Hello won't work. You want ECH to work on a highly censored network because it prevent the censor from snooping on your SNI. Unknown: Did anyone actually MITM or pen test this thing? Given the recent development of TM where they MITM DoH and DoT, the router must absolutely verify the certificate properly. On Mikrotik, none of this is done! |
| Change to: |  0.0176sec
 0.92
 7 queries
 GZIP Disabled
Time is now: 9th December 2025 - 12:25 PM |
All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)
Powered by Invision Power Board © 2025 IPS, Inc.