Results 1 to 2 of 2
  1. #1
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,263

    Default Disable DoH on Firefox for an entire network

    I just discovered this: https://support.mozilla.org/en-US/kb...dns-over-https

    So, out of curiosity I went to config -> network -> DNS, and in the Static DNS Entries list I created a record named: use-application-dns.net, with an address of 127.0.0.1.

    Sadly, Firefox is still trying to DoH, but I'm not sure exactly when Firefox make the configuration change.

    Found this: https://bugzilla.mozilla.org/show_bug.cgi?id=1582745

    Using Firefox 78.0.2 (64-bit)

    I'm going to keep an eye on this, because presumably the canary rule being deployed in Untangle should help us control this behavior of we wish.

    Also, Threat Prevention is still stopping this behavior from my browsers as expected.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  2. #2
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,606

    Default

    Another piece to this puzzle that has gotten me ever so slightly more comfortable with this situation is: If the browser finds that the client is configured with a DoH server that the browser is aware of, it will be happy to use it.

    I predict that Untanlge will never make that list (as a server). But OpenDNS is supporting DoH. This article was recently updated:
    https://support.opendns.com/hc/en-us/articles/360038086532-Using-DNS-over-HTTPS-DoH-with-OpenDNS

    I have also observed that DoH endpoints require a FQDN. This brings them a little more visibility.
    And the paradox that to negotiate DoH, plain DNS may be needed.
    Last edited by Jim.Alles; 07-16-2020 at 02:05 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2