Collaborate Disseminate
I am confused about if I decided to implement DNS over TLS (DoT), would I lose DNSSEC?
Details:
I am connected with IPv4 + IPv6 Cloudflare DNS directly in my home OpenWrt router.
I love the idea of safer DNS, even if for home purposes, D… Continue reading Does Cloudflare’s DNS over TLS (DoT) implement DNSSEC too?
Instead of depending on secure application protocols such as HTTPS, SSH, SFTP,
Secure SMTP, DNS-Sec, etc., many corporate IT environments use TLS for
communication between the modules or systems of their enterprise applications,
specifical… Continue reading Why many IT corporate companies love TLS?
I’m interested in methods/solutions for blocking incoming and/or out-going WhatsApp requests and/or traffic on a personal home Google WiFi network.
I also have the Google WiFi app with manager/admin rights.
Thank you!
I’ve been looking into ways to detect a Man In the Middle attack, when the client has "duped" into trusting third party CA. Examples of this are, anti-virus applications and corporate firewalls who are now installing their own c… Continue reading Detecting a web based MITM attack?
Attackers are trying to trick web administrators into sharing their admin account login credentials by urging them to activate DNSSEC for their domain. Scam emails lead to fake login pages The scam was spotted by Sophos researchers, when the admin(s) o… Continue reading Fake “DNS Update” emails targeting site owners and admins
If you run a website or a blog, watch out for emails promising “DNSSEC upgrades” – these scammers are after your whole site. Continue reading Beware “secure DNS” scam targeting website owners and bloggers
Google Domains’ DNS management has a link that says Enable DNSSEC. And, as I understand it, this prevents spoofing of DNS responses. And, that sounds great!
So, why wouldn’t I want to enable DNSSEC?
Does it prevent me from using local ove… Continue reading Is there any reason not to enable DNSSEC?
Goal
My goal is to build a PWA. I am new to programming and I believe it is better to start with NGINX.
I have not found a good article (explaining the security risk) about using the Cloud DNS (such as Alibaba Cloud DNS) to function as a… Continue reading How do you mitigate the risk of stolen unencrypted data because you are using Cloud DNS to proxy the request that are sent to your server?
I have local (private) root domain domainX.example and subdomains : subdomainY.domainX.example and subdomainZ.domainX.example.
I can do chain of trust if all zones are In-line signed
zone “domainX.example” {
type master;
f… Continue reading Is it possible to do In-line Signing for for local root zone
I’m adopting/setting up DNSSEC on my domains for the first time, and curious about the practical benefits I can expect. In theory, regardless of whether client/stub resolvers want checking, recursive nameservers can request signature chain… Continue reading What portion of recursive (ISP, public, etc.) nameservers validate DNSSEC strictly?