. Skip to main content

(ˈpiːtə(r)), n, Dutch Computer geek, Father of 3 boys, Living together with @Chrizzzz. Working as a security consultant at @Atos, CISSP certified, Opinions are my own.

srcr.nl

twitter.com/srcr

instagram.com/srcr/

reddit.com/u/srcr/

paypal.me/srcr

keybase.io/srcr

xmpp:peter@srcr.nl

DNS-over-HTTPS in the Pi-hole

1 min read

On the Raspberry pi install the dnss package

apt install dnss

Edit the settings to make it listsn on port 5053, normally it listens on 53

vi /etc/systemd/system/sockets.target.wants/dnss.socket

# Sockets for dnss.
#
# This lets dnss run unprivileged.
# We typically want one UDP and one TCP socket.

[Socket]
ListenDatagram=5053
ListenStream=5053

[Install]
WantedBy=sockets.target

And restart the service, because the pi-hole is running starting probably failed right after installation, port 53 is in use

systemctl restart dnss.socket

In the Pi-hole admin web interface under settings find the tab DNS and adjust the upstream DNS Server to the dnss installation

Pi-Hole - Upstream DNS Servers

And we're good to go. dnss uses by default dns.google.com.

 

 

Attending: Taking Security From Mediocre to Mighty With The MITRE ATT&CK Framework on Brighttalk - https://www.isc2.org/News-and-Events/Webinars/EMEA-Webinars?commid=360733&utm_campaign=Twitter&a...

Good riddance, GandCrab! If you still have files encrypted with GandCrab download the decryptor here https://labs.bitdefender.com/2019/06/good-riddance-gandcrab-were-still-fixing-the-mess-you-left-behi... or via https://www.nomoreransom.org

Lots of kudo's for the expertise on this from @SandboxEscaper, but like it more if she would disclose this responsible 🤔

Listening to my daily Podcast list: "welcome to the MONDAY may 3rd 2019 edition of the SANS Stormcast" by @johullrich 😂

Replied to a post on github.com :

I understand the situation, still need to do my CEH exam :| . But I'm happy that I've been able to help and improve Ph0neutria.