this post was submitted on 10 Jan 2026
12 points (92.9% liked)

networking

3391 readers
1 users here now

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

founded 2 years ago
MODERATORS
manifex@sh.itjust.works
12
How to detect and prevent DNS 53 hijacking on LAN ? (lemmy.ml)
submitted 3 days ago by tdTrX@lemmy.ml to c/networking@sh.itjust.works
3 comments fedilink hide all child comments
 

By hijacking I mean redirection .

I think I should be done at cliet's OS level.

Can Router do anything for it ?

top 3 comments
sorted by: hot top controversial new old
[–] atzanteol@sh.itjust.works 8 points 3 days ago (1 children)

DNSSEC

https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions

[–] stratself 1 points 3 days ago

Having a DNSSEC-enabled resolver does protect from tampering with the DNS records, but not all ISPs properly support it so you may see many more errors. It should be used in conjunction with recursion or a respectable public resolver with support for DoH/DoT

[–] slazer2au@lemmy.world 7 points 3 days ago

You either want DoT (DNS over TLS) or DoH (DNS over HTTPS)

Pihole and adguard home support both.