[App] DNetworkTools (WorkInProgress Release) v0.1.73 (04 Jul, 2010)
Description:
Various IP address related tools for Network Engineers. Very handy!!
Purpose:
I did not find such good tool with finger friendly interface, so thought to put together all my old windows application code in to a good interface.
Luckily found SenseSDK by Edward, worked out great, tooks me few hours to put this application. Still it is work in progress and released for testing.
All the features do work without issues.
UI Credits:
SenseSDK by Edward Boelzner (eboelzner)
Can't find source from where i got icon which i used for application
Features:
General
Finger Friendly
Easy Interface
Open Source (Will be hosted on CodePlex)
Works on most Windows Phones
Tools
IPv4 Conversions
IPv4 Addresses
IPv4 Subnet Calculator
IPv4 CIDR Calculator
IPv4 Wildcard Mask Calculator
IPv4 Ping Tool (little buggy)
Future Features:
Few UI Bug Fixes
Save last used IP
Export details to file
Export IP ranges
IPv6 Tools
Members can request more features
Requirements:
.Net Compact Framework 3.5
Screenshots:
Screenshots are attached
Download:
Cab file is attached
Please report bugs and feedbacks.
Version History
v0.1.73 (04 Jul, 2010)
+ First work in progress release with basic features.
Reserved-2
Reserved-3
looks interesting. will try in the morning. thanks
good application ... easy for me to conversion ip class subnet
core7x said:
good application ... easy for me to conversion ip class subnet
Click to expand...
Click to collapse
Do let me know if it works ok on your device. just need feedback, will help me to improve or enhance.
Thanks.
Maria and Josef (holy sh...t ), this is what i need for a longer time. Please hold up the good work. Special thank you for sharing this very helpfull app.
- ping tool = amazing
- ip4 conversion = working perfect
- addresses = working
- subnet calculator = all 3 are working
- cidr calculator = perfect working
- wildcard mask calculator = working perfect
- settings -> about = not working
mike2nl said:
Maria and Josef (holy sh...t ), this is what i need for a longer time. Please hold up the good work. Special thank you for sharing this very helpfull app.
- ping tool = amazing
- ip4 conversion = working perfect
- addresses = working
- subnet calculator = all 3 are working
- cidr calculator = perfect working
- wildcard mask calculator = working perfect
- settings -> about = not working
Click to expand...
Click to collapse
Thanks for feedback..
i will release next version in next few days. will be fixing few bugs i found in cidr calc which crashes when changed the mask., about screen is not coded yet, less important. .
If you have any request then do let me know.
working good, maybe need to have some ipv6 stuff
because next gen ip will be ipv6
im suggest
ipv6 ip class / unicast / multicast
ipv6 subnet calculator
maybe in the future also, mobile phone will have ipv6 tunnel client !!
so that , we can use ipv6 mobile number portability
will love it
thanks
put some network scanner, port scanner and wireless radar make it a network auditing tool like retina and netstumbler
that would be awesome!
i wish i could help in "technical" way
core7x said:
working good, maybe need to have some ipv6 stuff
because next gen ip will be ipv6
im suggest
ipv6 ip class / unicast / multicast
ipv6 subnet calculator
maybe in the future also, mobile phone will have ipv6 tunnel client !!
so that , we can use ipv6 mobile number portability
will love it
thanks
Click to expand...
Click to collapse
Thanks, IPv6 already under development, but will be ready till next few releases and when IPv4 gets stable. but surely IPv6 will be part of it, i myself need it too.
randolph2000 said:
put some network scanner, port scanner and wireless radar make it a network auditing tool like retina and netstumbler
that would be awesome!
i wish i could help in "technical" way
Click to expand...
Click to collapse
Port scanner will be part of it, but not yet developed but will be done.
Cant say about rest at this point.
Thanks.
Ping Not Working Properly
Ping only works fine for the first time. It requires application restart to make it work. I'm using HTC HD2.
Suggestion: More network commands such as TRACERT, TELNET etc.
moon1978 said:
Ping only works fine for the first time. It requires application restart to make it work. I'm using HTC HD2.
Suggestion: More network commands such as TRACERT, TELNET etc.
Click to expand...
Click to collapse
That was the bug in Ping which was identified, and will be fixed, already resolved in development, should patch it in next release.
Tracert/telnet good idea.
will try to include them in my todolist.
thanks.
great tool,
could have used such a useful tool during my aprenticeship.
settings --> exit is not working on my hd2
Sweet will try it soon my device won't install cab now.will look into it
Tried it, loved it. I always have problems calculating Class B IPs and I was hoping for one for my HD2 when I saw an Android version. I think it'll be better if there's support for IPv6 as well. Also, I used it for a while and found out the tool lagged about 1 to 2 second when switching to another menu, I'm still okay with that though.
bdeath said:
great tool,
could have used such a useful tool during my aprenticeship.
settings --> exit is not working on my hd2
Click to expand...
Click to collapse
Exit issue fixed already. thanks for informing.
bloodychaos said:
Tried it, loved it. I always have problems calculating Class B IPs and I was hoping for one for my HD2 when I saw an Android version. I think it'll be better if there's support for IPv6 as well. Also, I used it for a while and found out the tool lagged about 1 to 2 second when switching to another menu, I'm still okay with that though.
Click to expand...
Click to collapse
Yes there is a big lag sometimes but not always, will try to take a look in deep and fix/optimize it.
thanks.
Related
Little utility for waking up / shutting down / rebooting or Logging off from the PC's on your network via you wm device.
Requirements;
# Wifi active on wm and connected on same local network as PC's
# Wake-On-Lan enabled on PC's
# allow http traffic on Port 7777
# obtain MAC Address for all PC's you wish to 'control'
# Multi form factor - check CAB name for correct version for your device
1. Install cab on device
2. Install the service via the msi installer on any PC's you wish to 'control'
3. Edit the WakeAndShakeConfig.xml on the device OR use the settings screen from within the app - enter your PC's IP addresses (or host name) and their corresponding MAC addresses.
09/02/2010 - Settings screen added (still needs some tweaking, a few navigation bugs)
Any Q's shout.
If you find this useful & wish to donate please see my sig button.
-=-=-
20/03 - update service installer
VGA Version?
Is there any chance for VGA version?
various form factors added, see #1
cheers,
dan
man I've been dying for something like this for a while... eagerly awaiting a QVGA version
Wish someone can make a Video Tutorial
on how to set this & post on youtube
Please
pndragon said:
man I've been dying for something like this for a while... eagerly awaiting a QVGA version
Click to expand...
Click to collapse
will try and do one later today ;-)
Thanks for sharing
added QVGA cab - see post #1
updated the PC service - if user cancels shutdown subsequent shutdown requests will now be triggered
Hi dt_matthews,
it will be very amazing was it possible to skin it for DUSK.
I have seen the screenshot and i was thinking is this something what be possible in a future version?
added IP address to settings xml and config, this is required if your PPC doesnt have regsitry entries mimicking hosts file lookup, ip address will be shown in the machine drop-down list along with the machine name
added IP address to xml and to settings screen - this is required for PPC's that dont have registry entries which mimic hosts file lookups, these IP's are displayed in the machine dropdown along with the machine name
Been waiting for an app like this
To bad I can't get the settings screen to work, it won't save the data I type in to the host, ip and mac fields.
And the xml file is clean except from the settings tag so I don't know how to modify the parameters
Please help...
HTML:
<settings><machine name="machineName1" mac="071EB93CAD68" ip="192.168.1.87"/><machine name="machineName2" mac="0219DDAFC6B3" ip="192.168.1.85"/><machine name="machineName3" mac="001A437AA515" ip="192.168.1.65"/></settings>
This is a sample of a valid version of the xnml config. Just obviously change the name tags, the mac and the IP addresses to match your machines. then run the service installer on your machines and the cab on your device and you should be fine.
shout if its not clear
cheers,
dan
Thanx! Works a lot better when one knows the param names
Next problem
Can't get the HTTP Shutdown to run properly on the PC. It starts automatic but then stopps as it has no work to do (according to windows)
Suggestions?
240z said:
Thanx! Works a lot better when one knows the param names
Next problem
Can't get the HTTP Shutdown to run properly on the PC. It starts automatic but then stopps as it has no work to do (according to windows)
Suggestions?
Click to expand...
Click to collapse
that is as designed, its an http listener which wont be show as actively 'doing' anything by svchost.exe [service manager]. as long as you are connected to the same network (and workgroup) it should be ok. let me know
i've tried this on two machines now. on one of them it won't work at all. on the other i got it to reboot ones. but know it doesn't work anymore.
on both machines windows reports application error on shutdownpcservice.exe and wants to send an error report to microsoft.
in the application log (under computer managment) i used to see how the shutdownservice started to listen to port 7777, but not anymore. it's like it not running.
i've tried to reinstall the program but that didn't do it.
thanks for your effort Dan
240z said:
i've tried this on two machines now. on one of them it won't work at all. on the other i got it to reboot ones. but know it doesn't work anymore.
on both machines windows reports application error on shutdownpcservice.exe and wants to send an error report to microsoft.
in the application log (under computer managment) i used to see how the shutdownservice started to listen to port 7777, but not anymore. it's like it not running.
i've tried to reinstall the program but that didn't do it.
thanks for your effort Dan
Click to expand...
Click to collapse
hey dude,
i've updated the service installer (see post #1) - uninstall the last version (make sure the service is uninstalled fully, you may need to uninstall it from the cmd line if it wont uninstall via the GUI) then install the new version, that is the version i am running without problems, let me know how you get on, happy to help with any tweaking ;-)
Can this be used to put the PC to sleep (into standby) rather than shutdown? If not, could this feature be added?
Windows cmd line doesnt support sleep, but there is an alternative i could use (i think), but i cant do it straight away since my pc with the code on has just given up the ghost and it'll be a bit of time till i can get the data off it, but let me know if you can wait and i'll do it as soona s i can.
cheers,
dan
Guys, I found the way to mess with the GPS settings, exactly the way we do in Bada 1.2!
//Note that the following works in Bada 2.0.1 XPKH3, and I don't guarantee that it will DEFINATELY work in the future Bada 2.0.1 betas, or final.\\
1) Enter keypad and dial *#7092463*# --> this gives you access to "Internals" menu.
-- In this menu, you can edit and test a lot of things, but always use with caution and LOGIC Also, you may want to save this code without the last "#" as a favorite contact, then load the code on the dial screen and thus entering the Internals menu without having to type it from scratch every time
2) Go to "4-Module Setting"-->"4-COMM"-->"2-Lbs"
3) Here, options:
1 Tracking Test--> This is the classic GPS signal lock test.
2 TTFF Test--> "Time To First Fix Test"- a sub-test aimed at responsiveness.
3 H/W Test--> NOT GPS signal locking test. Sensitivity & CNO test here only.
4 Settings--> (See below)
5 Delete GPS Data--> (you know what this is for, don't you?)
6 Debug Tools--> (maybe devs have interest in this)
:4 Settings options:
1 General Settings--> similar to "Application settings" in Bada 1.2, here you can actually mess with settings anyway you want.
GPS+ AutoDownload: when enabled uses your packet data or WiFi for updating the satellite files
Accuracy: by default 1000, I haven't yet tested whether a smaller value (ie. 500) produces better results.
Cold Start: I don't know what this is, maybe (IMO) it makes the GPS try to lock without using the sat files.
2 SUPL Setting--> I couldn't get into this option. Here normally would be the server that the a-GPS function downloads the sat files from.
3 H/W Setting--> I wouldn't mess with numbers here. It has something to do with tests though.
4 Set to Defatult [it means default ]--> (i guess you know this one)
5 Assist Method--> only change the method here in case someone creates a guide and commands you to do so. Normally you don't need to change this.
6 Network Profile--> You can't change from here, but that's OK, this setting can be controlled from Main Menu-->"Settings"-->"Network"-->"Application profiles"-->"Location"/"Navigation"
7 Etc Setting--> If you don't know what to do here, don't change anything.
Hope you have fun messing with the settings! Feel free to share any new discoveries, and by all means, maybe a set of settings that you find better than the default ones!
stathismes::
Know about that im waiting for Bada 2 thank you !!!
Cold start and Auto Download maybe nice thing for now if you want more change you need before set Assit mod on AGPS then you see more setting you can change like server adress...When yous changed it you reback to GPS+ mode
General Set : A-GPS UP BASED
Suupl SET :google server on server custom and google ip... port its same
You can grap GPS like maxi 40sec
change Adress
to
supl.google.com
and the port to 7262
reboot phone and then reply to GPS+ and reboot once again
For a detailed information on the GPS Settings above, you can refer to this thread: http://www.badaturkiye.com/showthread.php/bada-2-0-2690.html?
stathismes said:
Guys, I found the way to mess with the GPS settings, exactly the way we do in Bada 1.2!
//Note that the following works in Bada 2.0.1 XPKH3, and I don't guarantee that it will DEFINATELY work in the future Bada 2.0.1 betas, or final.\\
stathismes::
Click to expand...
Click to collapse
Another way to access the gps menu is by dialing *#3214789650#
BTW - IMHO the GPS works a treat in PKH2 but not in PKH3
http://forum.xda-developers.com/showpost.php?p=17005437&postcount=104
It appears that setting the port to 7262 doesn't work in PKH3 either :-(
Hmm... Tigrouzen, your gps mode is interesting... Standalone doesn't work for me... Neither does MS Based... I'll try UP Based...
I think that SFR have better location support than Bouygues... I'll post here after testing.
Update: nope... UP Based makes no difference to me. :-( it's non assisted GPS every time for me... PKH3 = borked A-GPS
Tigrouzen said:
change Adress
to
supl.google.com
and the port to 7262
reboot phone and then reply to GPS+ and reboot once again
Click to expand...
Click to collapse
What i must do to enter the supl Settings
edit
O sorry I don't read this: Cold start and Auto Download maybe nice thing for now if you want more change you need before set Assit mod on AGPS then you see more setting you can change like server adress...When yous changed it you reback to GPS+ mode
So... this is less the announcement of a hack than the announcement of a plan to attempt a hack, but this one is big enough I thought I should get it started now.
Short version: I want to get an OpenVPN client working on my phone (ideally on a stock ROM, with Root Tools).
Somewhat longer explanation: OpenVPN itself is actually a very simple program; it takes a network traffic stream from the "TAP" virtual network device, and sends it over an SSL connection to an OpenVPN server. This is also reversible (listen on the SSL connection, then route the traffic from it to the TAP "device"). It's an incredibly simple way to implement VPN, but is high-performance and secure nonetheless. The entirely to OpenVPN itself is actually implemented in user-space; I don't expect porting it to WP7 to be too difficult (in fact, there's already a WinMo port in progress that would probably be pretty easy to adapt).
The catch is the TAP driver. In short, this is a virtual network adapter that, instead of connecting the computer to a LAN or WAN, connects the computer to a program running on the computer. This program can be any number of things, but in the specific case I'm interested in, it's the OpenVPN client. The idea is that you make TAP the default network device, so every other program sends and receives its traffic over TAP... which in reality means sending and receiving over whatever the program connected to TAP is using where normally a LAN or WAN would be.
The TAP driver, so far as I know, needs to be kernel-mode; it might be possible to implement it as user-mode driver but I'm not sure if this is practical. The trick is to install a third-party driver on WP7 at all. On WinMo / PocketPC devices it was possible (see http://ovpnppc.ziggurat29.com/ovpnppc-main.htm) but those operating systems both lacked the WP7 policy system and had rather better-documented security features and APIs.
Anyhow, I wanted to announce this project, to see who else might have anything - information, code, experience, or simple suggestions - that they could contribute. The repurcussions of this project go far beyond OpenVPN, but since I find myself currently in need of that particular software, that is the goal I'm pursuing. I welcome you to join me.
I'll post updates and such about the project here, along with any code for testing.
Now this is something DEFINITELY that I will follow. I could use this... A guy that I work with has recently parted from his WinMo 6.1 (he hated 6.5) device and one of the things he said he would like to do on his WP is to VPN. I'll be glad to test or help any way I can for this
me too volunteering as beta tester for VPN!!!
I support the
Thank you my friend
Volunteering as beta tester. I have custom full rom
Sent from my 7 Trophy T8686 using Board Express
IPSec or PPTP?
i have worked on a ipsec client for linux before, but it only handle the IKE packets, ah or esp is handled by kernel protocol stack, if there are correct sp & sa, so i think you should make a driver, wp7 cut the builtin ipsec driver.really a very big project, maybe ipsec driver in ce7 can work on wp7.
IPSec and PPTP are both tunneling approaches which are implemented at the driver level. There's nothing wrong with that, but it's not my corrent and immediate goal. OpenVPN's tunneling is achieved over a simple SSL connection, entirely in user-space. This makes it trivial to implement the encryption, but offers the full power of the OpenSSL library for authentication.
While I appreciate the offers of testing, that's going to be some time off. The most useful thing would be developers. For example, has anybody worked with NDIS (Network Driver Interface Specification) before, on CE or even NT? I have not, and while I'm certainly interested in learning it, I was hoping to get this off the ground faster than will be possible if I have to learn it all myself.
I'll be working with the OpenVPN for PocketPC codebase as a starting point. It's still going to take a lot of work, though. I'll probably set up a public version control system to aid in sharing the code and (hopefully) contributing changes.
I'm also going to take a look at CE7 user-mode drivers. If it's possible to write a network driver that way, it may be easier to test and install than a kernel-mode one would be.
On my Mozart:
View attachment 1079356
View attachment 1079398
Thanks, spavlin! Unfortunately, it looks like the app queries a bunch of provisioning providers that WP7 doesn't have. There might be newer variants of those characteristics that I can try to query, though.
It's good that we're able to dump the routing info; that means there's a decent chance we'll also be able to change it. Thanks for checking that for me! Running those on my phone would take some work (not full-unlocked).
I'm currently running Calk's 2.9.1 GB ROM, and I'm interested in making the jump to ICS. Get-a-robot vpnc is a must for my work vpn. Anyone have any luck with running that on an ICS ROM? My attempts on earlier "leaked" ics TW ROMs didn't work out and was forced to jump back to Calk's GB. Thanks for any tips.
Get-a-robot vpnc
woodspoon said:
I'm currently running Calk's 2.9.1 GB ROM, and I'm interested in making the jump to ICS. Get-a-robot vpnc is a must for my work vpn. Anyone have any luck with running that on an ICS ROM? My attempts on earlier "leaked" ics TW ROMs didn't work out and was forced to jump back to Calk's GB. Thanks for any tips.
Click to expand...
Click to collapse
Hello woodspoon,
Please post if you have find the answer.
Have a nice day on.
Nice Timing
amplatfus said:
Hello woodspoon,
Please post if you have find the answer.
Have a nice day on.
Click to expand...
Click to collapse
I just got something going last night as a matter of fact. In a nutshell, I was able to get a working VPN connection using the built-in VPN client with ParanoidAndroid 2.15 (based on CM10). Link: http://forum.xda-developers.com/showthread.php?t=1867283
I was also able to get connected using the VPNC app with a couple of other ROMs (re-calked 0.2.1, CM9 Beta 1) by creating my own /dev/net directory and giving it 777 permissions prior to starting VPNC (it was force closing every time prior to that change). However, I always got booted out soon after the connection was made in those instances due to an "INVALID_PAYLOAD" error.
I received a lot of help by trying suggestions in a Google Code page requesting an ipsec VPN client in stock android. The link to that is below, as well as three highlights from the page. Ultimately I used Option #1.
Good luck!
code.google.com said:
Issue 3902: Feature Request: "pure" ipsec vpn client (cisco-compatible)
http://code.google.com/p/android/issues/detail?id=3902
1) The IPSEC VPN with Group Authentication ACTUALLY WORKS !!! On Android 4 just select:
Issue has been resoved in ICS!!!!
Choose:
- IPSec Xauth PSK: Compatible with Cisco SSL-VPN
- IPSec ID: GROUP USERNAME
- Preshared Key: GROUP PASSWORD
Connect to VPN and then enter personal username and password.
2) What I did to get around it was install NCP Secure Client from the Market (THANK YOU to whomever posted that!). It's in testing now, and available as such till the end of the month. It's just a 3rd party IPsec client, so you don't even bother with the native ICS VPN settings.
The mappings for NCP are slightly different. Here's a helpful link. http://www.ncp-e.com/en/products/ipsec-vpn-client-for-android.html . Basically:
Pre-shared Key= Group Password
IKE ID= Group Name
IKE ID Type= Free String Used to Identify Groups
Exchange Mode= Agressive
3) For anyone on ICS 4.0.3, try:
https://play.google.com/store/apps/details?id=com.gmail.mjm4456.vpncillatrial&hl=en
This does not require root and works fine even under ICS 4.0.3 where the standard Android VPN configuration does not.
Click to expand...
Click to collapse
Thank you for updated reply.
But do you know if using stock 4.0.4 ICS on XT910 RAZR MAXX built in VPN client it this possible?
All the best.
No clue. According to Google's response, it should work. But in my experience it is a bit of a crapshoot. I'd suggest starting with the code feature request link I included above to set if anyone else has posted regarding that device. Or head to a store and just try it.
https://www.xda-developers.com/android-13-native-private-dns-shelved/
February 21, 2022 8:49am Pranob Mehrotra
Google shelves plans to add support for another private DNS standard in Android 13Android currently offers support for one private DNS standard — DNS-over-TLS (DoT). However, Google has been working on adding native support for another private DNS standard for a while. In September last year, we spotted a code change in AOSP suggesting that Google planned on adding native support for the DNS-over-HTTPS (DoH) standard in Android 13. But a recently merged commit indicates that the company might have had a change of heart.
According to the recently merged code change, Google won’t enable DoH in Android 13 by default. The commit’s description states: “DoH: Don’t enable it in T by default.” While this statement doesn’t mean that Google is completely abandoning plans to add native DoH support to Android, it does clarify that that won’t happen in Android 13 Tiramisu. At the moment, we have no further details on the matter. But we’ll make sure to let you know as soon as we learn more.
For the unaware, DoT and DoH are private DNS standards that encrypt communications between your device and the Domain Name Server (DNS). Although both standards perform the same function, DoT uses TLS (also known as SSL) to encrypt DNS traffic, while DoH uses HTTP or HTTP/2 protocols to send queries and responses instead of directly over UDP (User Data Protocol).
Both standards also use different ports, with DoT using a dedicated port for DNS traffic and DoH using port 443 — the same port that all other HTTP traffic uses. This means that all your DNS traffic blends with other HTTPS traffic when using DoH, which makes monitoring and blocking DoH queries a lot more complex. These differences give DoH a slight advantage from a privacy standpoint. For this reason, we were looking forward to getting native DoH support in Android 13. Unfortunately, we might have to wait another year for Google to add native DoH support to Android.
Thanks to XDA Recognized Developer luca020400 and Mishaal Rahman for the tip!
Click to expand...
Click to collapse
Well as long as we can still use a custom dns I think we're doing good
spart0n said:
Well as long as we can still use a custom dns I think we're doing good
Click to expand...
Click to collapse
You're missing the big picture though. Without some kind of encryption, anybody can eavesdrop on your dns lookups.
96carboard said:
You're missing the big picture though. Without some kind of encryption, anybody can eavesdrop on your dns lookups.
Click to expand...
Click to collapse
That's the whole point of DoT... DNS over TLS. Why bother with DoH when DNS over HTTPS only adds an additional layer of crap over the existing TCP stack? Don't try to solve problems by moving up in the OSI layer.
craznazn said:
That's the whole point of DoT... DNS over TLS. Why bother with DoH when DNS over HTTPS only adds an additional layer of crap over the existing TCP stack? Don't try to solve problems by moving up in the OSI layer.
Click to expand...
Click to collapse
Except for the fact that most networks intercept traffic on DNS ports, and in some cases most/all ports that are non-HTTP. Like it or not, EVERYTHING is being moved to port 443 because if you block or intercept that, it is immediately obvious that the internet is broken.
96carboard said:
Except for the fact that most networks intercept traffic on DNS ports, and in some cases most/all ports that are non-HTTP. Like it or not, EVERYTHING is being moved to port 443 because if you block or intercept that, it is immediately obvious that the internet is broken.
Click to expand...
Click to collapse
What kind of network are you on where "anybody can eavesdrop on your dns lookups."?
"Most networks" do not MITM or block DoT ports. Maybe some sketch wifi, but you have bigger problems to worry about at that point.
If an adversary blocks DoT 853/8853, no queries resolve, internet is broken.
If an adversary MITMs DoT, cert fail, internet is broken.
DoH has the added complexity of HTTP headers, allowing tracking and other privacy issues if implemented poorly.
The inventor of DNS prefers DoT over DoH,
https://twitter.com/i/web/status/1047613817541120000
Think about why big tech wants you to use DoH over DoT....
Still not sure why you would even WANT to have DNS run on the app layer instead of transport.
yeah on home network my DoT is handeled by my firewall but over mobile networks or public wifi I use DoT via custom dns in android
I think they both have a place. Many times DoT port is blocked on corporate networks, but I guess you can use something like RethinkDNS at that point. Still an interesting discussion to say the least.
craznazn said:
What kind of network are you on where "anybody can eavesdrop on your dns lookups."?
"Most networks" do not MITM or block DoT ports. Maybe some sketch wifi, but you have bigger problems to worry about at that point.
If an adversary blocks DoT 853/8853, no queries resolve, internet is broken.
If an adversary MITMs DoT, cert fail, internet is broken.
DoH has the added complexity of HTTP headers, allowing tracking and other privacy issues if implemented poorly.
The inventor of DNS prefers DoT over DoH,
https://twitter.com/i/web/status/1047613817541120000
Think about why big tech wants you to use DoH over DoT....
Still not sure why you would even WANT to have DNS run on the app layer instead of transport.
Click to expand...
Click to collapse
The fact you aren't aware is reason enough for changes in how DNS works.