New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
is it specifically DOT? i think i got that kind of things too when i used to selfhost ADGuard
no
but i noticed i was getting a lot of random ass DNS requests on my upstream DOH servers before i figured out what an ACL was so apparently more common than not
also why the fuck is your adguard home server exposed to the internet
they even hav local POP why ts pings worse than me goes to XINJIAPO lol
uinless this is an adguard home outside of home type beat
atleast i don't get those issues anymore
used to have a problem with cloudflare randomly routing my shit thru to the sydney pop every 2nd day
I think I won’t use random guy's AdGuard Home servers; my self-hosted DNS is a special path + UUID..., and other requests won’t receive a DNS response.
fuck i forgot to put an ACL on the DOH server i got on onidel
odds on i got a few thousand requests from some chinese IPs?
Either DoH or DoT, since those are exposed openly. UDP53 is firewalled and limited to my home IPs.
It is outside of home type beat ("load balanced" between Hetzner Finland and Gigahost Norway). It's so that I can access it from any IP (mostly when I'm on mobile) and don't wanna connect to WireGuard.
As mentioned above though, it's only DoH specifically. In the beginning I only saw random test requests for "experiments" or "benchmarking", but now I have people legitimately using them.
I know how they found my servers, its on a list of DoH capable DNS servers, but I just found it interesting. I guess if they are using it to bypass censorship in their country, I can understand that might prefer some random twat in Norway to see their requests than their gov.
if it's dot, i think they just TLS to ip via port 853 and ingor the cert but never got via DOH tho
probably explains why mine keep getting raided by MJJ when i don't ACL them
FALSE ALARM
turns out I ACL'd my ISPs entire /24 lmao
aussiebroadband users in my local area ur welcome
I think they use some tools that only hackers would use, like FOFA, Shodan, Censys, etc., to search for standard DNS responses on the internet.
anyone know how i can make my technitium server overwrite all 'refused' requests to a dns query to a website with a picutre of some cocknballs?
i think this could be really really funny
place your bets:
4
If you want to get them in trouble just put some Xi memes or Tiananmen Square stuff
no one will use your dns ever again
ya, maybe I could've done that too. I have NGINX in front anyway.
I don't mind though. Just a fun observation. If they don't mind me seeing them visit onlyfans, then whatever.
Is both DoH and DoT, maybe even DoQ (I forgot I set that up too). Is because listed here (among a ton of other DNS servers): https://github.com/curl/curl/wiki/DNS-over-HTTPS
I don't know how many requests are DoT vs. DoH, as I don't think AGH lets me see that easily, but checking individual queries I see mostly DoH and some DoT.
option 5, your ISP CEO publicly calls you out on reddit
first off wtf are you uploading
but also what is that screenshotted from? Are the response times at the bottom DNS response times?
that would be unifi and yes they are ping times and no you cant customize them
my it's no surprise.
back in the day my Adguard Home Upstream was dandelion sprout too
watch me bitch
once I decide to invest more in my network setup
all I will say is that it's legal linux isos
it's from Unifi, those are just ping response times that serve as health checks if there's some packet loss, high latency, or anything else, for which I get a notification
given that my isp doesn't even care if my torrent
i bet that da isp no care
thailand wireguard configs in my local inbox
Shoutout DandelionSprout 🐐
Me like their Nordic filters
ipv6 only possibel
my no Dedicated ip only NAT. i ain't gonna pay more for dedicated ip
I only have these two... I really want to set up a cluster-responsive DNS service, like Kubernetes + CoreDNS, but it's quite complicated.
