Detect & Prevent DNS53 hijacking on LAN ? (lemmy.ml)

submitted 1 month ago* (last edited 1 month ago) by tdTrX@lemmy.ml to c/networking@sh.itjust.works

3 comments fedilink hide all child comments

By hijacking I mean redirection .

I think I should be done at cliet's OS level.

Can Router do anything for it ?

top 3 comments

sorted by: hot top controversial new old

[-] atzanteol@sh.itjust.works 9 points 1 month ago

DNSSEC

https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions

[-] stratself@lemdro.id 1 points 1 month ago

Having a DNSSEC-enabled resolver does protect from tampering with the DNS records, but not all ISPs properly support it so you may see many more errors. It should be used in conjunction with recursion or a respectable public resolver with support for DoH/DoT

[-] slazer2au@lemmy.world 6 points 1 month ago

You either want DoT (DNS over TLS) or DoH (DNS over HTTPS)

Pihole and adguard home support both.

this post was submitted on 10 Jan 2026

13 points (100.0% liked)

networking

3451 readers

1 users here now

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

founded 2 years ago

MODERATORS

manifex@sh.itjust.works