The DNS-over-HTTPS (DoH) protocol is used for increased security on the network and provides additional confidentiality, but could be tracked according to a SANs researcher.*
https://twitter.com/xavitron/status/1209849990249627648
The DNS-over-HTTPS (DoH) protocol is used for increased security on the network and provides additional confidentiality, but could be tracked according to a SANs researcher.*
https://twitter.com/xavitron/status/1209849990249627648
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
DNS-Over-HTTPS (DoH) and DNS-Over-TLS (DoT) are important advancements to the overall security of the internet. However, these technologies can create blind spots in corporate networks. By preventing businesses from seeing DNS queries, individuals can become victims to DNS leak attacks if their systems are compromised. While encrypted DNS is important to prevent internal eavesdropping, those within the organizations should use company-approved DoH or DoT servers instead of publicly available servers like those offered by Cloudflare and Google. This will provide the encryption for individuals, but maintain security for the company. As was recently reported, organizations should look for long-lived TLS connections with payloads that don’t exceed a kilobyte. Network traffic analytics is the best way to see these connections without relying on packet capture as this information is easily accessible in network metadata. Additionally, organizations should consider deploying DNS servers that allow those within the organization to connect via DoT and DoH. This will give users the security they want and the visibility the organization needs.