What is the Android DNS Security with DoH and DoT tutorial about?
In this video tutorial called Android DNS Security with DoH and DoT, I will show you how you can strengthen your security on Android by securing the DNS requests that your phone makes all the time.
What does DNS mean and what is it used for?
DNS comes from the Domain Name System, and is the mechanism by which IP addresses and domain names are connected.
For example, the google.ro it is not an address in itself but only a name, it is called google.ro, but it lives at 172.217.23.99
This means that DNS servers help us find out what IP address we can find in the videotutorial.ro domain, for example.
This is because we humans can remember names better than strings of numbers.
A DNS server keeps other records, but we will not discuss that today.
But why secure Android, what's not sure?
Android itself, especially if it has up-to-date security patches, is a secure operating system.
The problem is to secure the connection that our phone has with DNS servers, when it makes certain requests.
E.g:
If the connection to the DNS server is not secure, DNS requests may be seen by a third party, who normally should not see our traffic, or more accurately should not understand the traffic.
What steps can we take to secure DNS traffic from our phone to the Internet?
The measures we can take are many, from using a VPN service, to changing some settings in the router, but today I stopped at two, which are easy to apply.
Android DNS security with DoH and DoT - what it means
DoH - means DNS over HTTPS
DoH is a method of securing DNS connections / requests in the Google Chrome browser.
It's easy to use and we even have several options when it comes to choosing a secure DNS provider.
It is important to note that DoH works under the name "application layer", it covers only the Chrome browser, not other installed applications.
How is DoH activated?
Chrome / menu / Settings / Privacy & security / Use secure DNS / "Enable" / Choose another provider / select from the list or put a preferred provider.
DoT - means DNS over TLS
DoT, from my point of view is a better choice, because protection covers the whole system, not just the browser.
It is important to note that DoT works at the "transport layer" level and this means that it covers absolutely any request made from Android, by any application.
How is DoT activated?
Phone settings / Connections / Multiple connection settings / Private DNS / Select private DNS host name and enter. ”1dot1dot1dot1.cloudflare-dns.com”For the DNS from CloudFlare, which is the fastest, or fill in any other preferred provider.
Thanks Cristi. It must be specified that the phone must be restarted after choosing the private DNS for the change to take effect.
It also works with restarting the browser if we choose DoH.
I came back.PersonalDNSfilter stops DoT .After stopping PesonalDNSfilter DoT goes.
Thanks for the feedback.
Oblivious DNS has to appear that's even louder, When you do a tutorial with Wireguard VPN cloudflared DOH dns and Pihole on raspberry pi
Hi Cristi, I use a third-party application from adguard with a lifetime license purchased in 2016 and it has an interesting function with it you can choose what dns you want directly from the application, plus lock Trackers lock Windows diagnostic data, for android is not in store because it's adblocker and they banned it from Google. They say they don't keep logs / data about users, is that true? Based in Cyprus but the founders of the application are Russian!
Could it also be adapted for windows or for the router setting?
It's great for the phone.
I can't find private DNS on the S7 edge
Hi, I'm interested in an older tutorial. You showed how to make multiple Youtube channels on the same Youtube account. I searched for the tutorial on YouTube and on the videotutorial.ro website, but I can't find it. I don't know the title anymore. Please give me a link, if you want. Thanks.
Hi Cristi! I use for router windows and android quad11 with super smart ecs and private internet security better than cloudflare, if you want it to work on all devices you need to set router first, both windows and android and it works fast at max speed of 260Mgbs