is this the best time to setup pi-hole
It seems TM Unifi has finally implemented, transparent DNS proxy
|
|
 Sep 6 2024, 06:11 PM
|
 
Senior Member
1,630 posts Joined: Jul 2005  
|
|
Quote|
|
|
|
|
Sep 6 2024, 06:12 PM
Show posts by this member only | IPv6 | Post
#882
|
All Stars
11,459 posts Joined: Oct 2007 From: KL
|
QUOTE(yushin @ Sep 6 2024, 03:56 PM) Seem like TM has hijacked the whole 1.1.1.1 IP. Yah, just find working DoH server, no problem for 1337 /k sifus.Can use other DNS that support DOH. No need die die go on 1.1.1.1?  This post has been edited by soonwai: Sep 6 2024, 06:12 PM headache liked this post
|
|
|
Sep 6 2024, 06:12 PM
Show posts by this member only | IPv6 | Post
#883
|
Senior Member
2,096 posts Joined: Aug 2009 From: Shithole Klang
|
QUOTE(eds2 @ Sep 6 2024, 06:03 PM) wildcard block cloudflare.com on unifi Fucking LOLmemang thebest  Tls cert changed to tm Which politeknik intern tm hire to manage their network? This post has been edited by failed.hashcheck: Sep 6 2024, 06:14 PM |
|
|
Sep 6 2024, 06:14 PM
|
All Stars
12,057 posts Joined: Oct 2017
|
QUOTE(eds2 @ Sep 6 2024, 06:03 PM) wildcard block cloudflare.com on unifi Ok eds2, 8888 also same rightmemang thebest |
|
|
Sep 6 2024, 06:14 PM
|
Junior Member
592 posts Joined: Oct 2018
|
QUOTE(BladeRider88 @ Sep 6 2024, 03:19 PM) Dey...is Far Mi ok? Gobind will not do such "brilliant" thing. And this blocking things fall under Far Mi jurisdiction ya.. this Fak mi really lembab... if it was Gobind we would have this DNS hijacking by ISP implemented and running before 31st July 2024 rather than 30th Sept 2024..This post has been edited by brkli: Sep 6 2024, 06:15 PM |
|
|
Sep 6 2024, 06:22 PM
Show posts by this member only | IPv6 | Post
#886
|
|
All Stars
11,459 posts Joined: Oct 2007 From: KL
|
QUOTE(GregPG01 @ Sep 6 2024, 04:42 PM) CHROME cannot even connect if i select anything else from "OS default" . Those 4 Secure DNS servers were the first to get nuked. Probably because many Chrome users and easy to enable DoH so TM target that first. |
|
|
|
|
|
Sep 6 2024, 06:26 PM
Show posts by this member only | IPv6 | Post
#887
|
Senior Member
589 posts Joined: Jul 2008 From: Penang
|
Kinda confused. Some saying DOH blocked, some saying DOH not blocked.
It depends on luck? It's blocked for some and not for others? Or TM hasn't finished implementing yet? For me (using 8888 on TM Unifi), I can access the "useful" sites when Secure DNS in browser is ON (tried Chrome, Edge, Opera). Otherwise, not accessible. Just as simple as that. This post has been edited by hsyong: Sep 6 2024, 06:27 PM |
|
|
Sep 6 2024, 06:29 PM
Show posts by this member only | IPv6 | Post
#888
|
Junior Member
42 posts Joined: May 2012 From: Ipoh, Perak
|
QUOTE(hsyong @ Sep 6 2024, 06:26 PM) Kinda confused. Some saying DOH blocked, some saying DOH not blocked. I believe it is implemented in stages. Some areas might not affected until much later.It depends on luck? It's blocked for some and not for others? Or TM hasn't finished implementing yet? For me (using 8888 on TM Unifi), I can access the "useful" sites when Secure DNS in browser is ON (tried Chrome, Edge, Opera). Otherwise, not accessible. Just as simple as that. pgsiemkia liked this post
|
|
|
Sep 6 2024, 06:29 PM
Show posts by this member only | IPv6 | Post
#889
|
|
All Stars
11,459 posts Joined: Oct 2007 From: KL
|
QUOTE(eds2 @ Sep 6 2024, 06:03 PM) wildcard block cloudflare.com on unifi www is ok. Just https://cloudflare.com IP nuked.memang thebest I think should be config file typo or not enough caffeine. I'm confident that TM didn't mean to block the CF website. If you need to login and work, dash. is also working. This post has been edited by soonwai: Sep 6 2024, 06:29 PM |
|
|
Sep 6 2024, 06:34 PM
Show posts by this member only | IPv6 | Post
#890
|
Junior Member
67 posts Joined: May 2009
|
very good all my server down coz i use cloudflare dns, great for business, this is because they want to spy on everyone.
|
|
|
Sep 6 2024, 06:35 PM
Show posts by this member only | IPv6 | Post
#891
|
|
Junior Member
67 posts Joined: May 2009
|
QUOTE(Yuuyatails @ Sep 6 2024, 06:29 PM) I believe it is implemented in stages. Some areas might not affected until much later. doh blocked for me, |
|
|
Sep 6 2024, 06:35 PM
|
Junior Member
101 posts Joined: Jul 2022 From: Kelantan
|
QUOTE(soonwai @ Sep 6 2024, 06:29 PM) www is ok. Just https://cloudflare.com IP nuked. i'm using paid cloudflare. not sure if free account have this.I think should be config file typo or not enough caffeine. I'm confident that TM didn't mean to block the CF website. If you need to login and work, dash. is also working. in zero trust gateway, i set dns location. they'll give you different set of DNS ip and doh/dot. no need to download warp or whatever. i use this mainly to separate office location. well, hope tm dont go and block this shit   edit: nevermind lol. this one is also fucked This post has been edited by eds2: Sep 6 2024, 06:42 PM |
|
|
Sep 6 2024, 06:35 PM
Show posts by this member only | IPv6 | Post
#893
|
|
All Stars
11,459 posts Joined: Oct 2007 From: KL
|
QUOTE(yongtjunkit @ Sep 6 2024, 06:07 PM) But the DNS queries were still redirected to TM DNS except in DOH/DOT form? Yup, still TM DNS and results only if cert validation is disabled. If enabled then nothing.TM still waiting for the Lalamove guy with the USB drive containing Google & Cloudflare SSL keys. yongtjunkit liked this post
|
|
|
|
|
|
Sep 6 2024, 06:39 PM
Show posts by this member only | IPv6 | Post
#894
|
|
All Stars
11,459 posts Joined: Oct 2007 From: KL
|
QUOTE(hsyong @ Sep 6 2024, 06:26 PM) Kinda confused. Some saying DOH blocked, some saying DOH not blocked. DoH not blocked. But their DNS server is getting overloaded already. This is just dig without cert validation.It depends on luck? It's blocked for some and not for others? Or TM hasn't finished implementing yet? For me (using 8888 on TM Unifi), I can access the "useful" sites when Secure DNS in browser is ON (tried Chrome, Edge, Opera). Otherwise, not accessible. Just as simple as that. Those DoH clients in routers or browsers will fail because they will or should be validating the cert. CODE % dig @8.8.8.8 +https onlyfans.com ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached % dig @8.8.8.8 +https onlyfans.com ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached % dig @8.8.8.8 +https onlyfans.com ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached ; <<>> DiG 9.20.1 <<>> @8.8.8.8 +https onlyfans.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33943 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;onlyfans.com. IN A ;; ANSWER SECTION: onlyfans.com. 0 IN A 175.139.142.25 ;; Query time: 9 msec ;; SERVER: 8.8.8.8#443(8.8.8.8) (HTTPS) <----- DoH ;; WHEN: Fri Sep 06 18:37:46 +08 2024 ;; MSG SIZE rcvd: 57 anime4000 You still DDOSing TM dns ar? Berapa mbps? Their server going to die already. This post has been edited by soonwai: Sep 6 2024, 06:44 PM |
|
|
Sep 6 2024, 06:41 PM
Show posts by this member only | IPv6 | Post
#895
|
|
Junior Member
42 posts Joined: May 2012 From: Ipoh, Perak
|
QUOTE(soonwai @ Sep 6 2024, 06:39 PM) DoH not blocked. But their DNS server is getting overloaded already. That sounds like a DDoS attack to the DNS server to me.CODE % dig @8.8.8.8 +https onlyfans.com ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached % dig @8.8.8.8 +https onlyfans.com ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached % dig @8.8.8.8 +https onlyfans.com ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached ;; Connection to 8.8.8.8#443(8.8.8.8) for onlyfans.com failed: connection refused. ;; no servers could be reached ; <<>> DiG 9.20.1 <<>> @8.8.8.8 +https onlyfans.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33943 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;onlyfans.com. IN A ;; ANSWER SECTION: onlyfans.com. 0 IN A 175.139.142.25 ;; Query time: 9 msec ;; SERVER: 8.8.8.8#443(8.8.8.8) (HTTPS) <----- DoH ;; WHEN: Fri Sep 06 18:37:46 +08 2024 ;; MSG SIZE rcvd: 57 |
|
|
Sep 6 2024, 06:41 PM
Show posts by this member only | IPv6 | Post
#896
|
|
Senior Member
589 posts Joined: Jul 2008 From: Penang
|
QUOTE(soonwai @ Sep 6 2024, 06:39 PM) DoH not blocked. But their DNS server is getting overloaded already. Thank you! That's good to hear. |
|
|
Sep 6 2024, 06:42 PM
|
Junior Member
282 posts Joined: Mar 2005
|
Yes, finally!
Don't go sharing those, okay?  QUOTE(yushin @ Sep 6 2024, 03:56 PM) Seem like TM has hijacked the whole 1.1.1.1 IP. Can use other DNS that support DOH. No need die die go on 1.1.1.1? |
|
|
Sep 6 2024, 06:42 PM
Show posts by this member only | IPv6 | Post
#898
|
Senior Member
2,453 posts Joined: Nov 2007 From: Kuching, Sarawakland
|
eh.. suddenly cannot access binance
|
|
|
Sep 6 2024, 06:45 PM
|
|
Junior Member
592 posts Joined: Oct 2018
|
QUOTE(Yuuyatails @ Sep 6 2024, 06:41 PM) That sounds like a DDoS attack to the DNS server to me. it is called a self impose ddos. so, now u know, before this, nobody really use ISP's DNS server.. |
|
|
Sep 6 2024, 06:49 PM
Show posts by this member only | IPv6 | Post
#900
|
|
All Stars
11,459 posts Joined: Oct 2007 From: KL
|
QUOTE(Yuuyatails @ Sep 6 2024, 06:41 PM) That sounds like a DDoS attack to the DNS server to me. Ha? I only pressed return 3 times wor. Anybody who is using 8.8.8.8 & 8.8.4.4 is ddosing TM now. Also any software with hardcoded 8888, etc... pgsiemkia liked this post
|
| Change to: |  0.0160sec
 0.70
 6 queries
 GZIP Disabled
Time is now: 20th December 2025 - 08:09 PM |
All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)
Powered by Invision Power Board © 2025 IPS, Inc.