Expert Advice On DNS-Over-HTTPS Traffic On The Network

The DNS-over-HTTPS (DoH) protocol is used for increased security on the network and provides additional confidentiality, but it could be tracked, according to a SANS researcher.

https://twitter.com/xavitron/status/1209849990249627648

Expert Comments

January 02, 2020
Justin Jett
Director of Audit and Compliance
Plixer
DNS-Over-HTTPS (DoH) and DNS-Over-TLS (DoT) are important advancements to the overall security of the internet. However, these technologies can create blind spots in corporate networks. By preventing businesses from seeing DNS queries, individuals can become victims of DNS leak attacks if their systems are compromised. While encrypted DNS is important to prevent internal eavesdropping, those within the organizations should use company-approved DoH or DoT servers instead of publicly available servers like those offered by Cloudflare and Google. This will provide the encryption for individuals, but maintain security for the company. As was recently reported, organizations should look for long-lived TLS connections with payloads that don’t exceed a kilobyte. Network traffic analytics is the best way to see these connections without relying on packet capture as this information is easily accessible in network metadata. Additionally, organizations should consider deploying DNS servers that allow those within the organization to connect via DoT and DoH. This will give users the security they want and the visibility the organization needs.
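
The flow-metadata check described in the comment above (long-lived TLS connections whose payloads do not exceed a kilobyte, going to servers that are not company-approved) looks like this in Python. This is an added example, not code from Plixer or the SANS research; the column names, the 300-second and 20-packet thresholds, and every address are assumptions constructed for illustration.

```python
import csv
import io

# Constructed flow metadata (not real traffic). Column names are assumptions;
# map them to whatever fields your flow exporter provides.
SAMPLE_FLOWS = """src,dst,dport,proto,duration_s,packets,max_payload_bytes
10.0.0.15,203.0.113.53,443,tcp,1820,940,612
10.0.0.15,198.51.100.20,443,tcp,12,48,1460
10.0.0.22,192.0.2.53,443,tcp,2400,1300,580
10.0.0.31,203.0.113.80,443,tcp,900,5200,1460
10.0.0.40,203.0.113.53,853,tcp,3600,2100,410
10.0.0.41,198.51.100.99,443,tcp,700,3,300
"""

APPROVED_RESOLVERS = {"192.0.2.53"}  # company-approved DoH/DoT servers (placeholder)
ENCRYPTED_DNS_PORTS = {443, 853}     # DoH rides on HTTPS; DoT uses 853
MIN_DURATION_S = 300                 # "long-lived": assumed threshold, tune locally
MAX_PAYLOAD_BYTES = 1024             # "don't exceed a kilobyte"
MIN_PACKETS = 20                     # assumed: ignore idle keep-alive connections


def parse_flows(text):
    """Yield flow records with numeric fields converted to int."""
    for row in csv.DictReader(io.StringIO(text)):
        for key in ("dport", "duration_s", "packets", "max_payload_bytes"):
            row[key] = int(row[key])
        yield row


def suspected_encrypted_dns(flows, approved=APPROVED_RESOLVERS):
    """Return flows that look like DoH/DoT to a resolver that is not approved."""
    hits = []
    for f in flows:
        if f["proto"] != "tcp" or f["dport"] not in ENCRYPTED_DNS_PORTS:
            continue
        long_lived = f["duration_s"] >= MIN_DURATION_S
        small = f["max_payload_bytes"] <= MAX_PAYLOAD_BYTES
        active = f["packets"] >= MIN_PACKETS
        if long_lived and small and active and f["dst"] not in approved:
            hits.append(f)
    return hits


if __name__ == "__main__":
    for f in suspected_encrypted_dns(parse_flows(SAMPLE_FLOWS)):
        print(f"{f['src']} -> {f['dst']}:{f['dport']} "
              f"{f['duration_s']}s max_payload={f['max_payload_bytes']}B")
```

Hits are candidates for review rather than confirmed DoH: other long-lived, low-volume TLS sessions can match the same profile, so the approved-resolver list and thresholds need tuning against local traffic.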